BEST ANTI-PHISHING FIREFOX EXTENSIONS
Hi guys,
despite FIREFOX already has a built-in ANTIPHISHING FEARURE by default I thought that this short “tutorial” could actually improve the privacy and security of FIREFOX USERS against spoofing, pharming and pishing attacks on the WEB!!
In short, as for as I know, after a short research on the WEB I found out that the best known ANTIPHISHING and ANTISPOOFING ADD-ONS available for FIREFOX USERS are at present as follows:
1) PHISH TANK SITECHECKER (appears compatible for FIREFOX 3):
http://phishtanksitechecker.com/?page_id=7
2) GOOGLE SAFE BROWSING:
http://www.google.com/tools/firefox/safebrowsing/
3) WOT
http://www.mywot.com/
4) DR WEB LINK CHECKER:
https://addons.mozilla.org/en-US/firefox/addon/938
5) VERISIGN EV GREEN BAR:
https://addons.mozilla.org/en-US/firefox/addon/4828
6) iTRUST PAGE:
https://addons.mozilla.org/en-US/firefox/addon/4828
7) FINJAN SECUREBROWSING:
http://securebrowsing.finjan.com/index.html
Gives you the highest rate of malicious code detection:
* Scans the current form of a page as it available on the Web now, in real-time.
* Detects malicious content based on code analysis, rather than using signatures like anti-virus products.
* Provides the most accurate page safety rating based on the actual page content, rather than database lookup of web address like URL filtering products.
Ensuring your privacy:
* Doesn’t track each and every URL you visit.
* Doesn’t require your identification details.
* Doesn’t install additional programs or change settings of your desktop.
8) FIREPHISH
http://opdb.berlios.de/
9) CALLING ID LINK ADVISOR:
http://www.callingid.com/DesktopSolutio ... visor.aspx
Place your mouse over any link you received and CallingID Link Advisor will provide you with real, accurate data about the site and a strait-forward risk assessment:
* Which site will you really visit
* Which company stands behind the site
* Is it safe to deal with the site
* Are there any known risks visiting the site
CallingID Link Advisor automatically checks the links you receive in your email, web-mail and instant messenger before you follow them and verifies that they are safe.
You don’t have to be an expert to be safe. CallingID is your bodyguard. It automatically scouts the sites you intend to visit and provides you with all the information you need to make an informed decision – Can I follow the link or should I ignore it because there are risks I don't want to take.
10) SPOOFSTICK:
http://www.spoofstick.com/firefox.html
11) TRUST BAR:
http://www.cs.biu.ac.il/~herzbea/TrustBar/
12) COMPETE TOOLBAR:
http://tools.compete.com/
The COMPETE TOOLBAR automatically creates two alerts for every web site you visit:
- Trust Scores, which warns you of potentially malicious (spyware, phishing) web sites
- Site Profile, which tells you how popular the web site is, its rank, and how fast it is growing on the WEB
13) NETCRAFT TOOLBAR:
http://toolbar.netcraft.com/
14) SENDER VERIFICATION ANTI-PHISHING EXTENSION 0.9.0.2 (works with Thunderbird: 0.6 – 2.0.0. )
https://addons.mozilla.org/en-US/thunderbird/addon/345
This extension tells you whether the EMAIL SENDER shown in the “From: header” was actually the sender of the email as it’s possible to forge even the “From: address”! This tool is aimed at identifying phishing attacks and fraudulent emails asking for your sensitive data in an earlier step, namely when the user receives a bogus mail with a false identity.
15) ENIGFORM (works with Firefox 3)
https://addons.mozilla.org/en-US/firefox/addon/4531
Enigform will enhance your bowser's HTTP security by adding GnuPG Digital Signatures to GET, POST and AJAX-generated POSTs to sites that request this level of security, or to all requests if told to do so. It combines the Enigform firefox extension with an HTTP+OpenPGP aware web server (like Apache with mod_auth_openpgp): great alternative to the “Certificate Authority model of authentication” allowing users to login to sites without being forced to type their username and passwords, thus making phishing go away.
You can find a full and detailed review by its developer here:
http://freshmeat.net/articles/view/2599
What do you make of it guys??
Have you ever heard about them? I haven't till yesterday...LOL!!
The only problem I have at the present is that I still don't know which one of these 15 solutions is the best one against PHISHING ATTACKS simply because I didn’t prove them all together yet, even though it seems to me, after a short test, that FINJAN SECUREBROWSING, CALLING ID LINK ADVISOR, COMPETE TOOLBAR, ENIGFORM and above all NETCRAFT TOOLBAR are indeed the best and more effective tools against such kind of threats.
NETCRAFT TOOLBAR has also received an excellent rating by this independent review published here:
http://news.netcraft.com/archives/2007/ ... sting.html
As you can see from the link above, according to several indipendent reviewers NETCRAFT TOOLBAR resulted to be as the most effective Antiphishing toolbar, identifying 48 out of 50 phishing sites (96%) within 36 hours from the starting of the experiment, whereas the next best toolbar was only able to identify 34 phishing sites (68%) within the same time period.
Waiting for your feedback and evaluation of my list set out above but of course any other possible addition to the solutions mentione above is welcomed!!
Cheers from Italy!!
Giovanni
LIST OF BEST ANTI-PHISHING FIREFOX EXTENSIONS!
-
Acsl
- Guest
Re: LIST OF BEST ANTI-PHISHING FIREFOX EXTENSIONS!
The best anti-phishing protection is to use your brain. Never enter personal data on a link you have gone to from an email. If you want to do business with a website, always access that website through a bookmark or by typing in the URL bar the URL that you know is correct.