Realtime Anti-Phishing Add-on for Firefox gone bad

Posted by Martin in Browsing, firefox  Tags: , , , ,

6

Nov


Phishing, as wikipedia puts it, is a criminal activity using social engineering techniques. I receive daily mails that seem to come from respected websites like ebay, amazon or financial sites that ask me to update my software by following a link from within the email. This leads to a fake website that looks similar to the website that you normally visit. Once you enter your login data the criminals will have and use that information for their own advantage.

Worst case ? They transfer all your money from your bank account or create bogus ebay auctions for great buy it now prices. The average user has a hard time detecting fake websites. A guideline would be to never click on links in emails, check the SSL lock in the status bar and take a look at the sites certificate. Most users do not know about this, enter Phishtank SiteChecker.

The Phishtank SiteChecker Add-on checks with the Phishtank phishing database everytime you load a website and displays a warning if you are about to enter a website that is listed there. That is the theory..

I performed a few checks and discovered some interesting results. As we all know Firefox 2.0 has built in Phishing protection. I tried to access some of the websites that are listed on the phishtank site and none that I tested were shown as phishing websites by phishtanks sitechecker. Firefox itself however warned me everytime I opened one of the sites mentioned in the list.

This could mean two things. Phishtank Sitechecker and Firefox 2.0 don’t work well together which means that once Firefox 2.0 checks the site and gives you a phishing warning the sitechecker is somehow hindered to do that or the sitechecker is not working that well.

This could still be a nice extension for Pre 2.0 versions, I would suggest you keep an eye on the extension. At the moment it is not useful at all. Even 1.x users of firefox should consider upgrading to 2.x instead of installing that add-on at the moment.

Update:

The new version is working fine for me, suggest you update to the newest version asap.

Top Free Download: Start Free PC stability Scan

9 Users Commented In This Post

Subscribe To This Post Comment Rss Or TrackBack URL
MyAvatars 0.2
MASA says, November 6th, 2006   

Actually it hasn’t gone bad. The problem is that phishtank is slow on updating their feed (which is done every hour from this url:

http://data.phishtank.com/data/online-valid/
)

any website on that url will be blocked.

MyAvatars 0.2
Martin says, November 6th, 2006   

are you the creator by chance ? I had no information when and how this was updated. I tried some on that website http://www.phishtank.com/phish_archive.php even some that were listed as valid phish but to no avail.

MyAvatars 0.2
MASA says, November 6th, 2006   

yes.

The latest site that was added to the list is this one:

http://www.sgtgrind.de/news/db/

See if it blocks it for you.

(you might also have accidently turned off the extension [ie: disabled it through the prefs])

MyAvatars 0.2
Martin says, November 6th, 2006   

It is showing Safe! in the status bar and the extension is active..

MyAvatars 0.2
MASA says, November 7th, 2006   

oh and if you have fasterfox installed it causes a problem with firefox reading the feed. It makes the feed be cache’d wrong because it ruins its formatting and takes out the tags (makes it plain txt).

The simple fix is just clearing your cache.

MyAvatars 0.2
Martin says, November 7th, 2006   

How do I access this one ?

MyAvatars 0.2
MASA says, November 7th, 2006   

Okay I updated the extension to use a diffrent method to get if the site is a known phishing site.

Go get it here:

http://gamespotting.net/phishtank/sitechecker.xpi

If it doesn’t work for you then it is a problem with your Firefox config.

MyAvatars 0.2
Martin says, November 7th, 2006   

This version is actually working for me.. I update the story asap

MyAvatars 0.2
MASA says, November 8th, 2006   

Thank you for updating the story. Glad it works for you now. :)

Leave Your Comments Below
Hello, please leave your thought below

Please Note: Comments may need to approved by admin. so there's no need to resubmit your comments.