Realtime Anti-Phishing Add-on for Firefox gone bad
Phishing, as Wikipedia puts it, is a criminal activity that uses social engineering techniques to steal data from Internet users. I receive mails daily that seem to come from respected websites like eBay, Amazon or other services that try to get me to follow links in those emails or execute a software or document that has been attached to it.
The links lead to fake websites that look like the real deal but are designed to steal information such as username or password, credit card numbers and security codes, social security numbers or other important information. If you fill out the form on those sites you submit those information to third parties that have nothing to do with the legitimate business they claimed they come from.
Worst case? They transfer all your money from your bank account or create bogus eBay auctions to rip of customers so that you will get blamed for it in the end.
It can be difficult to detect fake websites. Probably the best advice is to never click on links in emails, make sure that sites you connect to make use of https in front of the address, and have valid certificates.
Firefox users can increase the security of the browser by installing the Phishtank SiteChecker, at least that is what it states on the add-on page.
The Phishtank SiteChecker Add-on checks with the Phishtank phishing database every time you load a website and displays a warning if you are about to enter a website that is listed there. That is the theory.
I performed a few checks and discovered some interesting results. As we all know Firefox 2.0 has built in Phishing protection. I tried to access some of the websites that are listed on the phishtank site and none that I tested were shown as phishing websites by phishtanks site checker. Firefox itself however warned me every time I opened one of the sites mentioned in the list.
This could mean two things. Phishtank Sitechecker and Firefox 2.0 don't work well together which means that once Firefox 2.0 checks the site and gives you a phishing warning the sitechecker is somehow hindered to do that or the sitechecker is not working that well.
This could still be a nice extension for Pre 2.0 versions, I would suggest you keep an eye on the extension. At the moment it is not useful at all. Even 1.x users of firefox should consider upgrading to 2.x instead of installing that add-on at the moment.
Update: The new version is working fine for me, suggest you update to the newest version asap.
Update 2: The extension has been updated in 2008 for the last time which suggests that it won't work in newer versions of the web browser. I recommend you stick with the built-in phishing protection instead.Advertisement