Has anyone even considered the security implications of this? The number 1 way to train users against phishing is to tell them to look at the address bar. Once they know what it means (which in my experience takes a minute to explain), they can easily tell that Bancofamericaa.com is not the bank of america.