A number of address bar spoofing vulnerabilities have surface on mobile browsers, and Rafay Baloch wrote about them. There was one found in Safari but Apple patched it in September with iOS 13.6. The other bugs mostly concern Opera.
With ever growing sophistication of spear phishing attacks, exploitation of browser-based vulnerabilities such as address bar spoofing may exacerbate the success of spear phishing attacks and hence prove to be very lethal. First and foremost, it is easy to persuade the victim into stealing credentials or distributing malware when the address bar points to a trusted website and giving no indicators forgery, secondly since the vulnerability exploits a specific feature in a browser, it can evade several anti-phishing schemes and solutions.
Check It Out: Address Bar Spoofing Bugs Surface on Mobile Browsers
