Test The Phishing Protection In Firefox

Martin Brinkmann
Oct 6, 2009
Updated • Feb 15, 2015

There are two options basically to protect computer systems (and thus users) from phishing attacks.

The first type refers to protections in programs like email clients or instant messaging services that are commonly used to spread phishing links while the second to methods that block the web browser from opening those links (when they have already been clicked on). The second type comes in form of antivirus solutions running on the system or web browser security.

The phishing protection - Mozilla calls it web forgery protection - of the Firefox web browser belongs to the second method as it blocks known attack pages in the browser by default.

Firefox displays a warning whenever you attempt to open a website that is a reported phishing website. Updated phishing and malware lists are automatically downloaded every 30 minutes if the web forgery protection is enabled in the web browser.

The following screen is displayed if a website is opened that is on that list of phishing and malware websites.

You still have the option to ignore the warning and proceed but this is generally recommended to stop at this point and close the tab.

It happened in the past that legitimate sites were flagged as web forgeries even though they were not and this seems to be a legitimate reason to ignore the warning and proceed.

There is however one nagging questions that some Firefox users may have. How can they be sure that the phishing protection is working in the web browser?

Mozilla has created a specifically prepared website that will trigger the phishing protection. Users who open the It's a trap website by Mozilla will see the web forgery warning if the phishing protection is enabled and working in the web browser. Everyone else will simply see the test website.

firefox phishing protection

Firefox users who do not see the warning page should go into the Tools > Options > Security in the Firefox options and ensure that the entries Block reported attack sites and Block reported web forgeries are checked.

firefox security

This may be useful if another program provides phishing protection already.

The phishing test website will not work with other browsers even if they offer phishing protection as well.


Tutorials & Tips

Previous Post: «
Next Post: «


Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.