Tech Tips Home
The Best Tech Tips And Daily Deals
Newsletter On The Internet!

Shop online 24hrs a day or call us Mon-Fri
8:30AM-4:30PM EST - 1-800-915-2088
WorldStart Tech Tip And Store Search
Email: Password: Login Remember Me
looking for freeware

Like what you see here? Subscribe to the Tech Tips newsletter!   Email: Subscribe

Internet Browser Anti-phishing Protection

Wednesday, November 22nd, 2006 by | Filed Under: Security Help
 
Loading...


Internet Browser Anti-phishing Protection

The new versions of both Microsoft’s and Mozilla’s Internet browsers have been out for a little while now and while Internet Explorer addressed some much needed issues, Firefox’s new update was less groundbreaking. Both browsers however, did add some anti-phishing functionality, including components that check Web sites for validity before it opens up the Web page for your viewing.

The browser’s anti-phishing tools use slightly different methods to stop potential phishing or spoofing sites and that, among other things, is what I’m going to discuss today.



The much awaited Internet Explorer 7 is here and if you have downloaded the update, you may have noticed the option to turn on the anti-phishing component when it was installing. If not, it’s not a big deal. I am going to go over how to enable this feature, so it can start protecting you right away.

If you do have IE 7’s anti-phishing protection enabled, this is what is going on behind the scenes. Microsoft’s new browser uses a dynamic list of known sites that are used to match any site you wish to visit. If the site you are visiting is on this “good” list, then everything is hunky dory. If the URL is not on the list, then Microsoft will assume that the site is a potential risk (better safe than sorry) and they will deny it from being opened. This list is constantly being updated on the server, so you don’t have your browser simply checking the site you want to visit against the list to determine the risk, if any, of the site. This is a fast and centralized way to stay up-to-date, which is important, because phishing sites don’t stay up long. Twenty-four to 48 hours is usually the life span of one of these sites, so being current means everything.

Microsoft states that no personal information is gathered during the look up process. The URL of the site and any other queries are stripped off and not used in the site look up. All of the query information is sent using SSL as well, to ensure secure delivery. The model is good and works very well. Microsoft’s theory is basically to lock everyone out and let sites and URLs in as they get to know them better.

If you would like to enable this feature on your IE 7, just follow the procedure below.

1.) Open Internet Explorer 7.

2.) Find the Tools on IE 7’s toolbar and click on it.

3.) From here, you will see a number of options, including the Phishing Filter, which has a submenu that pops up when the mouse pointer is scanned over this option.

4.) From the anti-phishing submenu, choose “Turn On Automatic Web site Checking“ and you’re done.

5.) There are some other options in the anti-phishing submenu too. For instance, you can explicitly check out a particular Web site if you want by selecting the option “Check This Web site,” which is a nice option.

Now, Firefox 2 does things a little differently with their new version. There are actually two different methods you can choose from in Mozilla’s browser. Both, like in IE 7, can be enabled or disabled per your decision. One is a list cached locally and updated regularly (every 30 minutes) of known “bad” sites. This local blacklist attempts to validate any site you visit and will immediately take action to warn and protect you against malicious sites. This happens as quickly as you open them.

The second method utilizes an auto-detect service provided by Google. Google will match the address of the site you are about to visit against its information about the site and it will take appropriate action. This auto-detect feature however, does have one drawback, which is that a lot more information is being sent to Google so that it can check out the site for you. This means , basically, that you will be sending your surfing information to Google, so if you are worried about that, you may want to leave this feature disabled and simply go with the blacklist method.

The Firefox anti-phishing tools are simple to enable and unlike IE 7, it turns on the anti-phishing feature by default (it uses the blacklist as default). To work with this, follow the instructions below.

1.) Open your Firefox 2 Internet browser.

2.) Select Tools, Options on the Firefox toolbar.

3.) Select the Security option and you should see the anti-phishing options right there on the top of the section.

4.) The option to use the blacklist should be enabled if you would like to use the Google Lookup method. Simply check the radial button to do so. This will turn off the other method (you can only use one at a time). You can turn off the entire feature by choosing to clear the check box labeled “Tell me if the site I’m visiting is suspected forgery.”

With this being said, the question that begs to be answered is, “Which browser has the best anti-phishing security”?

As with so many other things, this competition is really in the eye of the beholder. Both methods have showed great success in stopping different types of anti-phishing tactics. Each of the browsers actually showed that different methods worked better in different scenarios. So, really, they both do their jobs well and should be more than adequate protection, especially when coupled with good old fashion street (Web) smarts.

Even with anti-phishing tools in place, the best protection is still common sense and education. Just remember the fundamentals regarding phishing techniques and you should always be able to pick out the dirty scams from legitimate sites.

Until next week, stay safe out there!

~ Chad Stelnicki

Leave a Reply


Like these tips? Get them for FREE in your email!

WorldStart's Tech Tips Newsletter

  • Tech Tips Daily - Become a tech pro! Get the very best tech and computer help sent directly to your email every weekday!

  • Tech Tips Weekly - If you don't want our Tech Tips newsletter every day, then sign up for this weekly newsletter to get the best information of the week. Sent on Fridays.

Other Newsletters

  • WorldStart's Daily Deals - Every week, we send out great deals in our Daily Deals newsletter. Many of these deals are exclusively for our Daily Deals newsletter subscribers and can't be found with our regular specials.

  • Just For Grins - Each issue includes a couple clean jokes, some funny quotes, and a hilarious reader's story. Newsletter is sent five days a week.


Enter Email Address:

Subscribe

Your e-mail address is safe with us!
We only use it to send you the newsletters you request. It is NEVER disclosed to a third party for any reason, ever! Plus, if you decided you don't like our newsletters (don't worry, you'll love them), unsubscribing is fast and easy.

Free Newsletter Signup



Tech Tips Daily

Become a tech pro! Get the very best tech and computer help sent directly to your email every weekday!

Tech Tips Weekly

The week's best in tech and computer help. Get your issue sent to your email every Friday!

WorldStart's Daily Deals

The very best deals on the Internet! Get a new set of incredible sales every day of the week!

Just For Grins

Clean jokes, funny quotes, and hilarious comics. Sent 5 times a week straight to your email.


Subscribe


Love Worldstart? Refer A Friend!

looking for freeware
WorldStart's Premium Membership

Tip Archive


Categories:
Archives: