What is SpoofStick?
SpoofStick is a simple browser extension that helps users detect spoofed (fake) websites. A spoofed website is typically made to look like a well known, branded site (like ebay.com or citibank.com) with a slightly different or confusing URL. The attacker then tries to trick people into going to the spoofed site by sending out fake email messages or posting links in public places - hoping that some percentage of users won't notice the incorrect URL and give away important information. This practice is sometimes known as “phishing".
SpoofStick makes it easier to spot a spoofed website by prominently displaying only the most relevant domain information. It's not a comprehensive solution, but it's a good start. For example, if you're on the following URL (this is a real, legitimate ebay url):
Spoofstick will say: "You're on ebay.com".
If you get fooled by going to a spoofed site, for example http://email@example.com/ (a "spoof" example used by ebay in their customer outreach),
Spoofstick will say: "You're on 10.19.32.4"
You can download it here: