The substitution of the address of a site in the address bar through a vulnerability in the browser or other program. It is used by online scammers (for example, owners of phishing sites that steal victims’ personal data) so as to fool site visitors and distribute malware under the guise of a legitimate program.