Problem is hardly anyone knows how a url and domain name work which makes sense because they follow some rules that are simple but not obvious without education. This is made worse by the fact that many companies use 100 different domain names so the legit websites are impossible to tell from scams
>This is made worse by the fact that many companies use 100 different domain names so the legit websites are impossible to tell from scams
Ugh. The worst. I have to explain weekly that microsoftonline.com is fine, az.co is really amazon, why things like amazon.training are legit, what x.co or other link shorteners are, and that only the last . matters and the letters immediately before and after that.
It’s a bad system, made worse by people that should know better.
The people that should know better are, I'm afraid, us. I recall many complaints a few months ago when the idea was floated for Chrome to not show the URL in the location bar but instead display the organization name from the SSL certificate.
That would give the EV Certificate vendors, who have shown many times they can't be trusted, too much power, and turn the web into a walled garden, or it would be useless. Take your pick.