Opera
Opera, presumably without any knowledge of this particular attack seeing as I'm not using a "snapshot" version, just the last regular update, does the best that you can expect - the title bar changes to "Gmail" (but then you can hardly regulate titlebar changes!) but the printed URL in the address bar and the favicon stay identical to the version which "loaded" originally.
Though it is more interesting than most of these techniques, again it only fools the unwary who have been and always will be at risk because they don't bother to check things properly. If people don't check for padlocks / green security bars / etc. then they are stuffed anyway. 99% of people *don't*. And if you just ignore security certificate warnings or click Yes, then you're stuffed too.
Follow the oldest rules of all: If you want to log in to GMail, type in www.gmail.com into your browser. Don't click a link. If something asks you to "login again", check it thoroughly, no matter if you "thought" you were logged in already. (Incidentally, the latest Opera stable plays merry hell with the Register logins and I'm constantly being asked to re-log-in).
About once every six months or so GMail asks me to log in again, and that freaks me out and I have to check why. And even the Google Adsense thing (which asks you to login but also has a "Click here if you're a Google Account user" link) arouses my suspicions immediately because I should damn well already be logged in so the sight of some login boxes makes me suspicious.
And those people who *don't* work like that should be using their browser's privacy features like autologin on sites because that way their details WON'T be automatically plugged in on anything but the sites they were intended for, and hence you will "spot" these problems quicker.
It's interesting, will likely catch a LOT of people out, but it's nothing that hasn't always been possible, and nothing you can really "fix" except by whacking people around the earhole.
Biting the hand that feeds IT
