You go to log on to a site.
Your login information is sent to a site that checks if your credentials match what it has.
But what happens if instead, your login information is instead redirected to a malicious site?
The story is here.
Some are saying it is just hype and not be concerned.
But should you believe that it is possible?
