Quote:

We've now seen several phishing web sites that are using flash-based content instead of normal HTML. Probably the main to reason to do this is to try to avoid phishing toolbars that analyze page content.

Two recent examples, both targeting PayPal: www.ppal-form-ssl.com and www.welcome-ppl.com.

These sites look like the real PayPal front page, but they are actually Flash recreations.

F-Secure article

So, what's the answer? Would right clicking on parts of a page to check properties of same be adequate?

FF users could try the flashblock addon?

Flashblock

May get in the way a bit like the Noscript extension but it seems ok here atm.