Hacker News new | ask | show | jobs
by sowpati 3442 days ago
I'm not an expert, but as I understand, they don't actually use password fields on phishing pages. Instead they use normal text fields and fake password dots. So I'm not sure if they can be identified as login pages.

ETA: another parent comment talks about the same thing.
1 comments
andygambles 3442 days ago
In general they should use EV site wide rather than just login pages just to help confirm it is the correct legitimate website.
link