Yes, and it is possible for a hacker to use a proxy to generate web-pages that look totally like whatever page. At least in a local network with shared internet connection. After collecting the users data they can either generate a screen saying 'the service is down', or just post the data to the real web-shop. The only trouble is the SSL validation in the browser will come up with a warning screen to the user, but most users click 'ok' anyway.

And I suppose that if a cracker could get access to somones internet log (index.dat?) for recently visited web-pages, the cracher could change the corresponding IP to his own web-page.

I suppose the possibilites are far too many, and creating a fool-proof solution is still some years away.