Realtime Anti-Phishing Add-on for Firefox gone bad

Martin Brinkmann
Nov 6, 2006
Updated • May 17, 2013
Firefox, Firefox add-ons

Phishing, as Wikipedia puts it, is a criminal activity that uses social engineering techniques to steal data from Internet users. I receive mails daily that seem to come from respected websites like eBay, Amazon or other services that try to get me to follow links in those emails or execute a software or document that has been attached to it.

The links lead to fake websites that look like the real deal but are designed to steal information such as username or password, credit card numbers and security codes, social security numbers or other important information. If you fill out the form on those sites you submit those information to third parties that have nothing to do with the legitimate business they claimed they come from.

Worst case? They transfer all your money from your bank account or create bogus eBay auctions to rip of customers so that you will get blamed for it in the end.

It can be difficult to detect fake websites. Probably the best advice is to never click on links in emails, make sure that sites you connect to make use of https in front of the address, and have valid certificates.

secure website phishing

Firefox users can increase the security of the browser by installing the Phishtank SiteChecker, at least that is what it states on the add-on page.

The Phishtank SiteChecker Add-on checks with the Phishtank phishing database every time you load a website and displays a warning if you are about to enter a website that is listed there. That is the theory.

I performed a few checks and discovered some interesting results. As we all know Firefox 2.0 has built in Phishing protection. I tried to access some of the websites that are listed on the phishtank site and none that I tested were shown as phishing websites by phishtanks site checker. Firefox itself however warned me every time I opened one of the sites mentioned in the list.

This could mean two things. Phishtank Sitechecker and Firefox 2.0 don't work well together which means that once Firefox 2.0 checks the site and gives you a phishing warning the sitechecker is somehow hindered to do that or the sitechecker is not working that well.

This could still be a nice extension for Pre 2.0 versions, I would suggest you keep an eye on the extension. At the moment it is not useful at all. Even 1.x users of firefox should consider upgrading to 2.x instead of installing that add-on at the moment.

Update: The new version is working fine for me, suggest you update to the newest version asap.

Update 2: The extension has been updated in 2008 for the last time which suggests that it won't work in newer versions of the web browser. I recommend you stick with the built-in phishing protection instead.


Tutorials & Tips

Previous Post: «
Next Post: «


  1. MASA said on November 8, 2006 at 12:20 am

    Thank you for updating the story. Glad it works for you now. :)

  2. Martin said on November 7, 2006 at 5:50 pm

    This version is actually working for me.. I update the story asap

  3. MASA said on November 7, 2006 at 6:22 am

    Okay I updated the extension to use a diffrent method to get if the site is a known phishing site.

    Go get it here:

    If it doesn’t work for you then it is a problem with your Firefox config.

  4. Martin said on November 7, 2006 at 1:10 am

    How do I access this one ?

  5. MASA said on November 7, 2006 at 12:04 am

    oh and if you have fasterfox installed it causes a problem with firefox reading the feed. It makes the feed be cache’d wrong because it ruins its formatting and takes out the tags (makes it plain txt).

    The simple fix is just clearing your cache.

  6. Martin said on November 6, 2006 at 9:56 am

    It is showing Safe! in the status bar and the extension is active..

  7. MASA said on November 6, 2006 at 9:31 am


    The latest site that was added to the list is this one:

    See if it blocks it for you.

    (you might also have accidently turned off the extension [ie: disabled it through the prefs])

  8. Martin said on November 6, 2006 at 9:08 am

    are you the creator by chance ? I had no information when and how this was updated. I tried some on that website even some that were listed as valid phish but to no avail.

  9. MASA said on November 6, 2006 at 8:50 am

    Actually it hasn’t gone bad. The problem is that phishtank is slow on updating their feed (which is done every hour from this url:

    any website on that url will be blocked.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.