Sniffing out Phishing
One simple method recommended to users to help detect phishing is the hover trick: the user hovers their cursor over a link and checks that the browser displays the domain they are expecting. If the link appears to be correct, click away.
Consider the following HTML, which simply links to Wikipedia and Yahoo.
<ul>
<li><a href="http://www.wikipedia.org/">www.wikipedia.org</a></li>
<li><a href="http://www.yahoo.com/">www.yahoo.com</a></li>
</ul>
These links look innocent from the hover perspective. However, if we add some JavaScript, we can trivially bypass this (simple) user control:
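// On click, swap the link's href just before the browser follows it;
// the hover preview still showed the original destination.
$(document).ready(function(){
    $('a').bind("click", function(){ $(this).attr('href', 'http://google.com/'); });
});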
When a user applies the hover method they will see the following (seemingly correct) link in their browser:
However, on a click event the links are redirected to Google.
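The swap above can be caught at click time by comparing the destination the user saw on hover with the one the link carries once the page's click handlers have run. The following is an added example, not code from the original post; the names sameHost, closestLink and installHoverGuard are hypothetical, and it assumes it runs as a content script or user script in the page.

```javascript
// Added example: names below (sameHost, closestLink, installHoverGuard) are hypothetical.

// True when both URLs parse and point at the same host (hostname + port).
function sameHost(a, b) {
  try {
    return new URL(a).host === new URL(b).host;
  } catch (e) {
    return false; // unparseable URL: treat as a mismatch
  }
}

// Nearest enclosing link for an event target, or null.
function closestLink(node) {
  return node && typeof node.closest === 'function' ? node.closest('a[href]') : null;
}

// Remember the href each link had when hovered, then re-check it on click.
function installHoverGuard(root, onMismatch) {
  const shown = new WeakMap(); // link element -> href at hover time
  root.addEventListener('mouseover', function (e) {
    const a = closestLink(e.target);
    if (a) shown.set(a, a.href);
  }, true);
  // Bubble phase on the root: runs after click handlers bound on the link itself.
  root.addEventListener('click', function (e) {
    const a = closestLink(e.target);
    if (!a || !shown.has(a)) return; // never hovered: nothing to compare
    if (!sameHost(shown.get(a), a.href)) {
      e.preventDefault(); // stop navigation to the swapped destination
      onMismatch(shown.get(a), a.href);
    }
  }, false);
}

// In a browser, guard the whole document; under Node there is no document.
if (typeof document !== 'undefined') {
  installHoverGuard(document, function (before, after) {
    console.warn('Link changed on click: ' + before + ' -> ' + after);
  });
}
```

This covers a handler bound directly on the links, as in the snippet above. A handler attached on window, or registered on the same node after the guard, runs later than this check and is not caught by it.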