There is a vulnerability in Safari that enables attacks to display correct URLs and fake login pages and extract personal information
A vulnerability has been reported using Microsoft's Edge and Apple's Safari that allows you to "display the login page of fake while displaying the correct URL in the address bar and exploit personal information from users" . Edge is being addressed by Windows update in August, but Safari still remains vulnerable.
Apple Safari & Microsoft Edge Browser Address Bar Spoofing - Writeup - Miscellaneous Ramblings of A Ethical Hacker
Beware! Unpatched Safari Browser Hack Lets Attackers Spoof URLs
What kind of hacking will be possible can be confirmed from the following movie.
Microsoft Edge Address Bar Spoofing Vulnerability By Rafay Baloch - YouTube
Opening the URL "http://sh3ifu.com/bt/Edge-Spoof.html" ......
If you believe that you are a Google login page and enter your user name and password, you will be informed while you do not know.
Ultimately, it moves to a real login page and it will be "I found out that it was wrong?", But many people think that simply failed in login.
In addition, you can see the version using Safari from the following. Basically, in Safari typing can not be done while loading a page, but it is said that it is possible to input information by putting a fake keyboard on the page.
Safari Address Bar Spoofing Vulnerability By Rafay Baloch - YouTube
Microsoft solved this problem with the monthly update in August, but Apple has not distributed patches to Safari and the vulnerability is still left unattended.
According to Baloch, Google Chrome and Firefox have not found any vulnerability to enable such attacks.