jariz / Noti

Receive Android notifications on your mac. (w/PushBullet) ⛺
MIT License

Authentication process provides no basis of trust #53

Closed Ziraya closed 7 years ago

Ziraya commented 7 years ago

When going through the authentication process for Google, the user is presented with a sparse window with a black header stating "authorization required", displaying what appears to be the Google login form; this apparent web view is sandboxed, so the user must enter their credentials. This page is devoid of any means by which the user could reasonably ascertain that this is an authentic Google form, or connected over a secure connection.

Therefore the only reasonable position for the user to take is to assume that this is a phishing attempt and refuse to enter anything.

Because this is sandboxed, the user is unable to make use of an already established login, such as can be performed by going directly to Pushbullet's website for the first time after having signed into Google directly.

jariz commented 7 years ago

Duplicate of #44.