The inception bar: a new phishing method

But when you visit this site on Chrome for mobile, and scroll a little way, the page is able to display itself as :

In Chrome for mobile, when the user scrolls down, the browser hides the URL bar, and hands the URL bar’s screen space to the web page. Because the user associates this screen space with “trustworthy browser UI”, a phishing site can then use it to pose as a different site, by displaying its own fake URL bar – the inception bar! Once Chrome hides the URL bar, we move the entire page content into a “scroll jail” – that is, a new element with .

Source: jameshfisher.com