@vladiuz1
Last active October 21, 2020 12:51
anti-phishing backgrounds

cookie-based backgrounds

In order to avoid phishing, every user's login prompt on a website should have a unique background.

These backgrounds will be generated similarly to one of these websites:

Both websites use some kind of algorithm that converts data into a background image.

If we set a random cookie on the member website that never expires, and we generate the background of every login prompt from this cookie, every user will see their own distinct login-prompt background, because every user has a different cookie.

A phishing attempt is made from a different domain name, so the phishing server cannot read the user's cookie. Hence the background of the phishing login prompt will differ from the one the user is used to.

With the right warning on the login page, this technique may prevent many phishing attempts.

Used in combination with DNSSEC, and with users made aware of the cookie-based background protection principle, it may protect against the vast majority of phishing attacks.

90% of users always use the same device to log in to the same resource. Repeated logins make the user familiar with the background. As long as the user does not delete cookies, they see the same background on every login prompt from the same browser.
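A minimal server-side sketch of the scheme described above, as an added example that is not part of the original gist: a random token is issued once in a long-lived, host-only, `Secure`/`HttpOnly` cookie, and the login page's background is an identicon-style SVG derived from a keyed hash of that token. The cookie name `bgid`, the server secret, the 5x5 grid and the `handle_login_get` request shape are all assumptions made for the example.

```python
import hashlib
import hmac
import secrets

# Constructed server-side secret (assumption: in production this comes from config or a KMS).
SERVER_SECRET = b"example-server-secret-not-for-production"

COOKIE_NAME = "bgid"   # hypothetical cookie name
GRID = 5               # 5x5 grid, mirrored left/right so it is easy to recognise
CELL = 40              # pixel size of one grid cell


def new_background_cookie() -> str:
    """Random, unguessable per-browser token to be stored in a long-lived cookie."""
    return secrets.token_urlsafe(32)


def set_cookie_header(token: str) -> str:
    """Set-Cookie value for the background token.

    No Domain attribute, so the cookie is host-only; Secure so it only travels over HTTPS;
    HttpOnly so page scripts cannot read it. A look-alike domain never receives it.
    Max-Age is ~10 years, matching the "never expires" idea in the text.
    """
    return f"{COOKIE_NAME}={token}; Max-Age=315360000; Path=/; Secure; HttpOnly; SameSite=Lax"


def _digest(token: str) -> bytes:
    # Keyed hash: the token->image mapping cannot be computed without the server secret.
    return hmac.new(SERVER_SECRET, token.encode(), hashlib.sha256).digest()


def derive_pattern(token: str) -> tuple:
    """Deterministic, horizontally symmetric 5x5 boolean pattern from the token."""
    digest = _digest(token)
    # 15 bits drive the 3 left-hand columns of 5 rows; the right side mirrors them.
    bits = [(digest[i // 8] >> (i % 8)) & 1 for i in range(GRID * 3)]
    rows = []
    for r in range(GRID):
        half = [bool(bits[r * 3 + c]) for c in range(3)]
        rows.append(tuple(half + half[1::-1]))  # columns 0,1,2,1,0
    return tuple(rows)


def render_svg(token: str) -> str:
    """Render the pattern as an SVG string; the fill colour also comes from the digest."""
    digest = _digest(token)
    color = "#%02x%02x%02x" % tuple(digest[2:5])
    size = GRID * CELL
    rects = []
    for r, row in enumerate(derive_pattern(token)):
        for c, on in enumerate(row):
            if on:
                rects.append(f'<rect x="{c * CELL}" y="{r * CELL}" width="{CELL}" '
                             f'height="{CELL}" fill="{color}"/>')
    return (f'<svg xmlns="http://www.w3.org/2000/svg" width="{size}" height="{size}">'
            f'<rect width="{size}" height="{size}" fill="#f4f4f4"/>' + "".join(rects) + "</svg>")


def handle_login_get(request_cookies: dict) -> tuple:
    """Serve the login prompt; issue the background cookie on the first visit.

    Returns (html, response_headers). Hypothetical handler shape, framework-agnostic.
    """
    headers = {}
    token = request_cookies.get(COOKIE_NAME)
    if token is None:
        token = new_background_cookie()
        headers["Set-Cookie"] = set_cookie_header(token)
    html = ("<html><body>" + render_svg(token) +
            "<p>If the pattern above is not the one you usually see on this site, "
            "do not enter your password.</p>"
            '<form method="post"><input name="user"><input name="pass" type="password"></form>'
            "</body></html>")
    return html, headers


if __name__ == "__main__":
    first_html, first_headers = handle_login_get({})          # first visit: cookie issued
    token = first_headers["Set-Cookie"].split(";")[0].split("=", 1)[1]
    second_html, second_headers = handle_login_get({COOKIE_NAME: token})  # returning visit
    print("same background on return visit:", first_html == second_html)
    print("no new cookie on return visit:", second_headers == {})
```

The symmetric grid is only there to make the image memorable; the security-relevant parts are the random token, the host-only cookie attributes (a phishing page on another host never sees the token, so it cannot reproduce the image), and the keyed derivation so the mapping from token to image is not publicly computable.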
