It can be used to lead you to a page that exploits the browser, before you realize you're not on the expected site.
There are, most of the time, undisclosed zero day attacks in the wild, for most browsers and plugins.
I should add that I check the URL bar when I enter information, but not always when I browse casually. I always check the target of links, though, and this could trick me.
I wouldn't be surprised if some users never read the URL bar... people who can't tell a browser from a search engine, for example.
There are, most of the time, undisclosed zero day attacks in the wild, for most browsers and plugins.
I should add that I check the URL bar when I enter information, but not always when I browse casually. I always check the target of links, though, and this could trick me.
I wouldn't be surprised if some users never read the URL bar... people who can't tell a browser from a search engine, for example.