Some attacks are based on sending e-mail (or any medium for links) with link contains misspelled name: for example - mozila.com instead of mozilla.com. Way to protect is simple: integrate URLBAR with a dictionary. Additionally show tags bellow parts of url (separated by dot) like bank name, company name, etc. User may click on misspelled name and seen suggestions. I am not person, who known DNS much, but as I remember DNS records do not contains registration date. If it does, check if domain was registered not long ago. Workaround if not: allow user to click button to check registration date. 1. Domain was not checked previously or not in DNS servers previously: Mozilla servers will asks DNS server if domain was registered. If does, it will remember date of request and return current date. 2. Domain was checked previously - Mozilla servers will reply with stored date in DB. I known, this was two ideas, but I would not split it. Why these solutions: 1. If hackers created domain looking similar to domain of big company, like Netfix.com, user seen that Netfix contains spelling error and click check registration date then 2. If hackers try to trick registration time mechanism and send request to check registration time of new domain, then wait some years and performs attack - this is not great solutions, because Mozilla employers could check registered domain and seen it will be probably used to perform attacks 3. Maybe create algorithm to found domains with similar names, but it requires to download DNS database time to time. EDIT: Also, displaying notification if page is not in history and user do not private browsing currently. Something like: You are visiting this page for first time. Check if it is page you are believing it is. Click on lock icon, check certificate, etc.
... View more