Verification of web domains that request login credentials is provided to assist a user in identifying fraudulent request or in avoiding transmission of login credentials in response to such requests. Domain information from a login credential is used to select a verification service corresponding to the domain issuing the credential. Based on a trust level provided by the verification service for the requesting domain, corrective actions may be taken to warn the user or prevent transmission of login credentials. Alternatively, verification may be performed on applications residing on a local computer.