Firefox antiphishing feature beats Internet Explorer in Mozilla test

On the corporate side we have very expensive and comprehensive solutions and the goal is to prevent the user from ever getting a phishing email in the first place. Natalie Lambert, analystForrester Research Inc.

The new tool, which is turned on by default in Firefox 2.0, works by checking Web sites that are browsed by users against a list of known phishing sites stored on a user's computer. The list is automatically downloaded every 30 minutes. For more up-to-date protection, Firefox can also be configured to automatically check browsed sites against a list of fraudulent URLs compiled by Google.

"Catching phishing sites is incredibly difficult, because sites go up and down very quickly," said Window Snyder, chief of Firefox security at Mozilla. "We're adding an extra layer of security to warn users of potential phishing sites."

Analysts say Mozilla is trying to shift the topic of browser security from Microsoft, which recently launched Internet Explorer 7 (IE 7) to the latest release of Firefox. Mozilla recently conducted a study comparing the ability of antiphishing filters in IE 7 and Firefox 2.0 to flag potential phishing attack sites. The browser maker's results showed Firefox ahead of IE 7.

Test phishing URLs were received from PhishTank, a web service that tracks and verifies submitted phishing URLs. Mozilla used SmartWare Technologies Inc., a software testing company, to perform the tests.

The results showed that 243 phishing sites were missed by IE 7 and automatically discovered by Firefox's antiphishing feature. IE 7 blocked 117 sites with its antiphishing feature, which were missed by Firefox.

With the Ask Google feature turned on in Firefox, 81% of the phishing sites visited were blocked, which is a significant number, Snyder said. The problem is in compiling an up-to-date list of sites since phishing site URLs can change in minutes, Snyder said. Another challenge was to create an antiphishing tool that didn't consistently return false results, Snyder said. While the test did not measure false returns, so far there have been no complaints about false detections, she said.

Phishing attacks: Research shows massive botnet growth Research shows smarter phishing Defensive measures for evolving phishing tactics Combating phishing scams How to avoid phishing hooks: A checklist for your end users

"How to fill this security feature in a way that is effective and won't result in false positives was important, because in the end users are less likely to believe warnings," Snyder said.

Spam has been increasing over the last year and analysts say a large portion of spam emails are phishing attacks. The increase is attributed to a growing number of botnets, which are putting a strain on corporate antispam software.

While the test shows that both browsers will increase awareness about phishing sites and help protect consumers, enterprises should continue to focus on antispam software and other tools to block unwanted email, said Natalie Lambert, an analyst with Cambridge, Mass.-based Forrester Research Inc.

"Especially with consumers today, these antiphishing tools are very important to them," Lambert said. "On the corporate side we have very expensive and comprehensive solutions and the goal is to prevent the user from ever getting a phishing email in the first place."

Mozilla's test results are not likely to sway businesses to switch to Firefox, Lambert said. For businesses, the most important feature is compatibility when selecting a browser, she said. Many businesses use Internet Explorer since a lot of business applications are developed to be compatible with the browser, she said.