Phishing scams don't need to hijack a device on your LAN or manipulate DNS responses. That makes their job a lot harder for very little reward.
Basically what a phishing scammer does is:
1) Register a domain like "amezon.com". Or, more realistically, something like "amazon.com.loginform.io".
2) Get a valid SSL certificate for that domain (easy, because they own the domain).
3) Set up a website that looks like the one they are pretending to be. The tool described in the article helps with this.
4) Distribute links to their fake site by any and all means. Email, forums, social media, etc.
A lot of people won't check the address bar very carefully (or not at all), and a lot of people would have trouble telling a legitimate amazon.com from a fake one if you gave them a side-by-side comparison with the important bits highlighted. That is the biggest problem here.
That's exactly what I'm saying above BP
.
Although a very interesting post / development, I don't see how this development threatens you anymore than a traditional scam as it still relies on you to click a link in eg a phishing email to take you to a domain that appears to be the domain you want, but in actuality is a clone or live image of the real domain. The only difference is you can no longer rely on confirmation codes logins to save you if you click the wrong domain.
Or to put it another way, as I suggested above, if you google eg Amazon.com, and click on the top search result, then you should go to Amazon.com and short of them inserting a middle server in your home or at Amazon, I fail to see how this could threaten you. The danger comes from clicking on a link to a spoof site which means following a link in a phishing email.
As for smart devices in your home, I see the potential, although question whether eg a fridge, would have the computing power to live serve an entire website. Either way, I don't have SMART devices, nor will I ever have, (anyone wondering why need look no further than a certain smart helper box that can allegedly records conversations as a side feature and sends them to a big corporations servers where staff can listen to them), so for me it's no biggy.