Firefox and other browsers can do a simple thing:<p>Make the SLD + TLD <i>bold</i> in the address bar. For example https://www.yahoo.<i>phishing.com</i><p>Then make it <i>bold and green</i> if ssl is properly engaged.<p>So you can just tell everyone "if the bold green thing matches the domain you intended to go to, then it's safe".<p>Right now there is no way to give succinct clear instructions to someone not familiar with web tech. And you get this crap: https://twitter.com/dawnstarau/status/793580200403406848/photo/1?ref_src=twsrc%5Etfw