Recently I saw a video (in the Czech language, sorry) where a guy describes an elaborate fraud. It is basically a form of phishing combined with a caller ID attack (phone calls are part of it). The new thing is that they are using believable domain names for the attack.
My idea is to create and keep an open list of genuine websites (anyone can add his website) which are juicy subjects for phishing (government, offices, banks, ...) and create logic which evaluates if the current domain resembles a domain from this list and displays a warning.
An improved version could be to enable this via a header or meta tag when the user first visits my genuine website. This could lower operating costs since there would be no global list; instead, the list would be created on the fly. I am not vulnerable to phishing if I don't use the genuine service at all.
Bonus points would be to evaluate the page's visuals and compare them to the genuine visuals. Using AI, probably.
What do you think?
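
A sketch of the resemblance check proposed above, as an added example that is not part of the original post. The list entries, the character-folding table, the `classify` function and the two-edit threshold are all assumptions chosen for illustration.

```javascript
// Constructed sample list; the post imagines an open, community-maintained one.
const GENUINE = ["mojebanka.example", "portal-urad.example"];

const bare = (host) => host.toLowerCase().replace(/\.$/, "").replace(/^www\./, "");

// Fold a few character swaps common in lookalike names (illustrative subset).
function skeleton(host) {
  return bare(host).replace(/0/g, "o").replace(/1/g, "l")
    .replace(/rn/g, "m").replace(/vv/g, "w");
}

// Levenshtein edit distance, two-row dynamic programming.
function editDistance(a, b) {
  let prev = Array.from({ length: b.length + 1 }, (_, j) => j);
  for (let i = 1; i <= a.length; i++) {
    const cur = [i];
    for (let j = 1; j <= b.length; j++) {
      const cost = a[i - 1] === b[j - 1] ? 0 : 1;
      cur[j] = Math.min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost);
    }
    prev = cur;
  }
  return prev[b.length];
}

// Returns { verdict: "genuine" | "lookalike" | "unknown", resembles }.
// maxEdits = 2 is an assumed threshold; short names need a stricter one.
function classify(host, genuine = GENUINE, maxEdits = 2) {
  const h = bare(host);
  // The listed site and its own subdomains are never flagged.
  const own = genuine.find((g) => h === g || h.endsWith("." + g));
  if (own) return { verdict: "genuine", resembles: own };
  for (const g of genuine) {
    // Genuine name pasted in front of an unrelated domain.
    const embedded = h.startsWith(g + ".") || h.startsWith(g + "-");
    // Near-identical after folding confusable characters.
    const close = editDistance(skeleton(h), skeleton(g)) <= maxEdits;
    if (embedded || close) return { verdict: "lookalike", resembles: g };
  }
  return { verdict: "unknown", resembles: null };
}
```

Internationalized names reach `location.hostname` in their ASCII `xn--` form, so Unicode homoglyphs would need decoding and a fuller confusables table before this comparison.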