Some phishing scams use JavaScript to alter the address bar to make it seem legitimate. This is done by placing a picture of the legitimate company's URL over the addres bar" or by closing the original address bar and opening a new one containing the legitimate URL.

In another method of phishing that is quite popular, an at¬tacker uses a trusted website's own scripts against the victim. These types of attacks (cross¬site scripting) are particularly nasty, because they direct the user to sign in at their bank or service's own web page, where everything from the web address to the security certificates appears correct. This attack is very hard to spot as it is the link to the website is crafted to carry out the attack.