How do I prevent phishing attacks in Firefox 3?

Jack Wallen shows you how to prevent phishing attacks with extra preventative measures that you can add to Firefox.

The term phishing should evoke either fear or caution in your heart. Phishing is using a false Web site (masquerading as another, friendly site) to acquire sensitive data from users. Most often this occurs on sites that require users to enter information such as credit card numbers or bank account information. Usually the users have no idea that their information is being fed to a malicious site.

Phishing evolved from the older phreaking, which refers to a subculture of people who exploit the telecommunications systems. It has evolved to such a state, however, that it is much more than a subculture. Phishing now occurs on a daily basis, resulting in millions of dollars of stolen wealth.

Fortunately, newer browsers have become much smarter than they used to be. Firefox 3 contains an anti-phishing system that is fairly good at catching phishing attempts. But just because Firefox has built-in anti-phishing technology doesn't mean you (and your users) should become complacent. In this How do I, I show you how you can add extra preventative measures to Firefox to combat phishing attacks, as well as test your browser to make sure it is actually catching attempts.

Built-in feature

Before we get into adding anything extra, let's take a look at what Firefox offers by default. The built-in feature works by checking the site you are visiting against a known list of malicious sites. This is all based on the Google Safe Browsing Protocol (Protocolv2Spec).
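
As an added illustration (not code from this article or from Firefox), the Python sketch below shows the list check in the form the Safe Browsing v2 protocol uses: the browser derives host-suffix/path-prefix expressions from the URL and compares 4-byte SHA-256 prefixes of them against a locally stored list. It goes beyond the article's description; URL canonicalization is omitted, and the blocklist entry and URLs are constructed.

```python
import hashlib
from urllib.parse import urlsplit

def host_suffixes(host):
    """Exact host, plus up to four suffixes taken from its last five labels."""
    labels = host.split(".")
    if all(label.isdigit() for label in labels):   # IPv4 literal: exact host only
        return [host]
    out = [host]
    for i in range(max(1, len(labels) - 5), len(labels) - 1):  # never the bare TLD
        out.append(".".join(labels[i:]))
    return out

def path_prefixes(path, query):
    """Exact path with and without query, then "/" and up to three directories."""
    out = [path + "?" + query] if query else []
    out.append(path)
    prefix = ""
    for directory in [""] + path.split("/")[1:-1][:3]:
        prefix = prefix + directory + "/"
        if prefix not in out:
            out.append(prefix)
    return out

def lookup_expressions(url):
    """Every host/path combination the client checks for one URL."""
    parts = urlsplit(url)
    host = parts.hostname or ""
    return [h + p for h in host_suffixes(host)
            for p in path_prefixes(parts.path or "/", parts.query)]

def hash_prefix(expression):
    """First 4 bytes of the SHA-256 digest: what the local list stores."""
    return hashlib.sha256(expression.encode()).digest()[:4]

def local_match(url, blocklist_prefixes):
    """Expressions whose prefix is in the local list. In the real protocol a
    hit is then confirmed against full hashes fetched from the server."""
    return [e for e in lookup_expressions(url)
            if hash_prefix(e) in blocklist_prefixes]

# Constructed list: one forged login directory on a placeholder domain.
BLOCKLIST_PREFIXES = {hash_prefix("phish.example/login/")}

if __name__ == "__main__":
    url = "http://www.phish.example/login/verify.html?id=7"   # constructed URL
    print(lookup_expressions(url))
    print(local_match(url, BLOCKLIST_PREFIXES))
```

Because whole directories and parent domains are among the expressions, one list entry covers every page under a reported path, including subdomains the forger adds later.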

By default this feature is turned on; however, if you want to make sure it is turned on, open the Preferences window and click on the Security tab (Figure A). From within this tab you should see that both Block Reported Attack Sites and Block Reported Web Forgeries are checked. If either check box is unchecked, make sure you check it and close the Preferences window.

Figure A

You can also make sure the check box for malware (Warn Me When Sites Try to Install Add-Ons) is checked.

There are no configurations to take care of for the built-in anti-phishing measures. But what if the default isn't enough? No matter how good the defenses are, those who want to get around them eventually will. So in this case the adage "less is more" doesn't necessarily apply. So what can you do?

The first thing you should do is install the Petname Tool add-on, which lets you give each protected site you visit a pet name that is tied to that site's cryptographic identifiers. Once you have done that, when you visit the site again you will see the pet name you gave it in the small Pet Name window on your tool bar. To install Petname Tool, follow these steps:

  • Open your Add-Ons window.
  • Search for "petname" (no quotes).
  • Select the Petname Tool add-on and click the Install button.
  • Restart Firefox.

Now that it is installed, you will see the Petname Tool bar. Most likely this bar will be to the right of your Search bar, as shown in Figure B.

Figure B

By default all sites will be titled "unknown site" until they are given a pet name.

Let's walk through adding a pet name for Paypal. With the Petname add-on in place, visit www.paypal.com and then enter "Paypal" (no quotes) in the Petname Tool bar and hit Enter. Once you have entered that pet name, you will notice when you click the Petname folder (located on the Bookmarks toolbar) the Paypal pet name will appear (Figure C).

Figure C

You can give your sites pet names that do not have anything to do with the actual site; just make sure you remember what name you have given them.

After you have given the site its pet name, go back to the site and check the Petname Tool bar. You should see the pet name appear. If the site is a phishing site masquerading as your site, the pet name you gave the real site will not appear.

Testing Firefox

You can also test Firefox to make sure the phishing prevention is working. What you need to do is go to the It's A Trap Web site. If you see the warning shown in Figure D, Firefox is protecting you.

Figure D

If you click Ignore This Warning, you will see the regular "It's a trap" Web site.

Netcraft Tool bar

Another such tool is the Netcraft Toolbar add-on, which takes a very different approach to the problem. The Netcraft Toolbar (Figure E) installs a tool bar that shows risk ratings and site rankings and provides a report link (which gives you the Netcraft information about the site — not the ability to report a malicious site). Also on this tool bar is a drop-down menu where you can select to report a site. Editor's note: The installation process for the Netcraft Toolbar add-on is essentially the same as it is for the Petname Tool bar.

Figure E

You can report either a site or a site that has been incorrectly labeled as a blocked site.

The most important feature of this tool bar for users is the Risk Rating. This bar will be either Green (if the site is a low risk) or Red (if the site is a high risk). A number of factors go into calculating the site's risk. The primary factor is the age of the site. So you can be visiting a site you KNOW is safe (it could even be your own site) that is nevertheless getting a high risk rating because it is relatively new. Regardless of why, it's always best to play it safe on high-risk sites.

Final thoughts

Phishing is a practice that will most likely not go away, so it is always best to have as much protection in place as possible. With two outstanding add-ons and built-in protection, Firefox takes on phishing attacks with strength and reliability.

About

Jack Wallen is an award-winning writer for TechRepublic and Linux.com. He’s an avid promoter of open source and the voice of The Android Expert. For more news about Jack Wallen, visit his website getjackd.net.
