In the wake of increased spam bombarding corporate systems, Mozilla
is touting a new phishing detection feature in Firefox 2.0, calling
it an extra layer of protection in the fight to block
phishing attacks.
The new tool, which is turned on by default in Firefox 2.0,
works by checking Web sites that are browsed by users against a
list of known phishing sites stored on a user's computer. The list
is automatically downloaded every 30 minutes. For more up-to-date
protection, Firefox can also be configured to automatically check
browsed sites against a list of fraudulent URLs compiled by
Google.
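As an added illustration (not Firefox's code and not part of the original article), the local-list check described above can be sketched like this: the browsed URL is normalized, matched against a locally stored list, and the verdict is flagged when the list is older than the 30-minute refresh interval. The entry format, the names `canonicalize`, `lookupKeys` and `LocalPhishList`, and the sample URLs are assumptions made for the example.

```javascript
// Added illustration, not Firefox's implementation. List entries and URLs are constructed.
const REFRESH_MS = 30 * 60 * 1000; // the 30-minute download interval from the article

// Reduce a URL to host + path so case, port, query string, fragment and a
// trailing dot on the host cannot be used to dodge a list entry.
function canonicalize(rawUrl) {
  let u;
  try { u = new URL(rawUrl); } catch { return null; }
  if (u.protocol !== 'http:' && u.protocol !== 'https:') return null;
  return { host: u.hostname.replace(/\.$/, ''), path: u.pathname };
}

// Keys to look up: the host and its parent domains (never the bare TLD),
// each alone and combined with every path prefix cut at a '/' boundary.
function lookupKeys({ host, path }) {
  const labels = host.split('.');
  const segs = path.split('/').filter(Boolean);
  const keys = [];
  for (let i = 0; i < Math.max(1, labels.length - 1); i++) {
    const h = labels.slice(i).join('.');
    keys.push(h);
    for (let j = 1; j <= segs.length; j++) keys.push(h + '/' + segs.slice(0, j).join('/'));
  }
  return keys;
}

class LocalPhishList {
  constructor(entries, downloadedAt) {
    this.entries = new Set(entries.map((e) => e.replace(/\/+$/, '')));
    this.downloadedAt = downloadedAt;
  }
  isStale(now) { return now - this.downloadedAt > REFRESH_MS; }
  // Returns { listed, matched, stale }; `stale` tells the caller the verdict
  // comes from a list older than the refresh interval and a re-download is due.
  check(rawUrl, now) {
    const c = canonicalize(rawUrl);
    const matched = c ? lookupKeys(c).find((k) => this.entries.has(k)) : undefined;
    return { listed: matched !== undefined, matched: matched ?? null, stale: this.isStale(now) };
  }
}

// Constructed sample data: one whole-host entry and one path-prefix entry.
const list = new LocalPhishList(['login.bank.example', 'shop.example/promo/verify/'], 0);
const demo = [
  'HTTPS://Login.Bank.Example.:8443/a?session=1#top',
  'http://cdn.shop.example/promo/verify/card.html',
  'http://shop.example/promo/',
].map((u) => list.check(u, 10 * 60 * 1000));
console.log(demo);
```

A `stale` verdict from a list that has not been refreshed is the gap the article's optional live lookup is meant to narrow.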
"Catching phishing sites is incredibly difficult, because sites
go up and down very quickly," said Window Snyder, chief of Firefox
security at Mozilla. "We're adding an extra layer of security to
warn users of potential phishing sites."
Analysts say Mozilla is trying to shift the topic of browser
security from Microsoft, which recently launched Internet Explorer
7 (IE 7), to the latest release of Firefox. Mozilla recently
conducted a study comparing the ability of antiphishing filters in
IE 7 and Firefox 2.0 to flag potential phishing attack sites. The
browser maker's results showed
Firefox ahead of IE 7.
Test phishing URLs were received from PhishTank, a web service
that tracks and verifies submitted phishing URLs. Mozilla used
SmartWare Technologies Inc., a software testing company, to perform
the tests.
The results showed that 243 phishing sites were missed by IE 7
and automatically discovered by Firefox's antiphishing feature. IE
7's antiphishing feature blocked 117 sites that were
missed by Firefox.
With the Ask Google feature turned on in Firefox, 81% of the
phishing sites visited were blocked, which is a significant number,
Snyder said. The problem is in compiling an up-to-date list of
sites since phishing site URLs can change in minutes, Snyder said.
Another challenge was to create an antiphishing tool that didn't
consistently return false results, Snyder said. While the test did
not measure false returns, so far there have been no complaints
about false detections, she said.
"How to fill this security feature in a way that is effective
and won't result in false positives was important, because in the
end users are less likely to believe warnings," Snyder said.
Spam has been increasing over the last year and analysts say a
large portion of spam emails are phishing attacks. The increase is
attributed to a growing number of
botnets, which are putting a strain on corporate antispam
software.
While the test shows that both browsers will increase awareness
about phishing sites and help protect consumers, enterprises should
continue to focus on antispam software and other tools to block
unwanted email, said Natalie Lambert, an analyst with Cambridge,
Mass.-based Forrester Research Inc.
"Especially with consumers today, these antiphishing tools are
very important to them," Lambert said. "On the corporate side we
have very expensive and comprehensive solutions and the goal is to
prevent the user from ever getting a phishing email in the first
place."
Mozilla's test results are not likely to sway businesses to
switch to Firefox, Lambert said. For businesses, the most important
feature is compatibility when selecting a browser, she said. Many
businesses use Internet Explorer since a lot of business
applications are developed to be compatible with the browser, she
said.