gHacks technology news » firefox phishing

Test The Phishing Protection In Firefox

Martin — Tue, 06 Oct 2009 12:48:34 +0000

There are basically two options to protect computer systems (and their users) from phishing attacks. The first are protections in programs like email clients or instant messengers that are commonly used to spread phishing links while the second method blocks the web browser from opening those links (when they have already been clicked on). The phishing protection – they call it web forgery protection – in the Firefox web browser belongs to the second protection option against phishing attacks.

Firefox will display a warning whenever the user tries to open a website that is a reported phishing website. Updated phishing and malware lists are automatically downloaded every 30 minutes if the web forgery protection is enabled in the web browser.

The following screen is then displayed if a website is opened that is on that list of phishing and malware websites.

The user still has the option to ignore the warning and proceed with the site loading but it is generally recommended to stop at this point and close the tab. There is however one nagging questions that some Firefox users have. How can they be sure that the phishing protection is working in the web browser?

Mozilla has created a specifically prepared website that will trigger the phishing protection. Users who open the It’s a trap website at Mozilla.com will see the web forgery warning if the phishing protection is enabled and working in the web browser. Everyone else will simply see the test website.

Firefox users who do not see the warning page should go into the Tools > Options > Security in the Firefox options and ensure that the entries Block reported attack sites and Block reported web forgeries are checked.

The phishing test website will not work with other browsers even if they offer phishing protection as well.

Tags: firefox, firefox phishing, firefox security, firefox web forgery, phishing, web forgery

Add Hostname To Firefox Titlebar

Martin — Wed, 10 Dec 2008 20:12:19 +0000

The hostname is basically the root url of a website, for Ghacks it would be www.ghacks.net. Adding that information to the titlebar has two apparent benefits. Number one is related to phishing. Antiphishing measures have been implemented in many web browsers and security software programs which could lead to the assumption that “yet another” way of helping with the identification of phishing sites might be overkill.

Experienced users on the other hand know that no software or script will reach an accuracy of 100%. There will always be false positives and negatives meaning regular websites that are identified as phishing websites (although they are not) and phishing websites that are not identified as such. The latter is obviously more devastating for the user.

Adding the hostname to the titlebar gives the user the opportunity to quickly check if he is on the right website. This in addition to other indicators can aid the user tremendously. More tips can be found at our Phishing Explained article.

There is however another benefit for users who work with password managers like KeePass who make use of the title for identification purposes.

Hostname in Title Bar (via Technix Update) is an experimental Firefox add-on which means that you have to sign in to the Mozilla website before you are allowed to download and install it.

Tags: anti-phishing, antiphishing, firefox, firefox phishing, firefox-add on, firefox-extension, phishing, phishing protection

New Phishing Emails Emerge

Martin — Fri, 01 Aug 2008 18:36:05 +0000

The usual phishing email is still claiming that “action” is required because of something that just happened. This can be a fake eBay purchase, PayPal or bank account transactions. While these methods are still highly successful it becomes widely known by the general Internet user that they should not click on emails that contain such topics.

A new phishing email (via Trend Micro)that recently emerged claimed that the user’s Bank of America account was accessed by an international IP from an unregistered computer and that their “Foreign IP Spy” detected that breach.

It is asking the user to verify and register his current computer by logging in to the Bank of America website. That link leads to a new window which opens a phishing website that is using a fake address bar. Most users who clicked on that link will surely enter their login information.

This approach is basically appealing to the user to secure his account. That’s tricky and many users will probably fall for this because they believe that thiefs would not ask them to secure their accounts. What they obviously miss is the fact that the added security feature is fake and not existing.

Websites with that fake address bar can be easily identified by right-clicking on that website and selecting properties from the context menu if Internet Explorer is the browser of choice. Firefox users click on Page Info in that right-click menu while Opera users press Alt + Enter or right-click and selected Edit Site Preferences.

The best protection against phishing is to not open any links in emails. Always open the website directly in the browser. If you are insecure call the company and ask if they have send that email to you.

Tags: bank of america, firefox phishing, opera phishing, phishing, prevent phishing, trend micro

gHacks technology news » firefox phishing

Test The Phishing Protection In Firefox

Related posts

Add Hostname To Firefox Titlebar

Related posts

New Phishing Emails Emerge

Related posts