A phishing attack is being discussed in the security community today that allows an attacker to register a domain that appears identical to a known safe domain in the web browser. They can use this domain to launch phishing attacks that trick you into handing over your username and password information.
This attack makes it impossible to tell if you are on a safe site or a malicious site by looking at the location bar in your browser. This affects the current versions of Chrome and Firefox.
We have published a public service announcement
that provides a working demonstration using a health care website. We also let you know how to fix the issue if you use Firefox and what to do if you are using Google Chrome.