Developer James Fisher discovered a gap in the Chrome web browser on the Android system. This vulnerability exploits user trust in the address bar at the top of the page to make them believe they’re visiting a secure location by showing a fake version of the browser’s address bar.
James explained on his blog how any website can fool users by showing an address bar with assurances that the site is safe instead of the original tape and interface by using some deception in the design.
Fisher also posted a video explaining how he had fooled the browser to inspire those he saw surfing on a secure site.
Source : blog post