Firefox 2 added an anti-phishing feature that alerts when you are visiting a suspected fake site according to a Google-provided black list of known phishing sites, but it is not 100% effective as more and more phishing sites are added daily and there is a lag between the phishing web site release and its identification, verification and addition to the black list.

Usually, phishing sites use a very long domain address and include a variation of the real domain name (the part of the web address before the first slash [/]) in it, so unaware users will think they are getting the real thing if they just give it a quick look. Locationbar², developed by Dao Gottwald, adds a simple way to more easily identify the domain name, by highlighting it and hiding the protocol prefix (such as http://, https:// and ftp://).

Install it and the next time you are referred to a web site where you are asked for a username and password, check the highlighted part to be sure you are where you are supposed to be.