Firefox contains built-in Phishing and Malware Protection to help keep you safe online. These features will warn you when a page you visit has been reported as a Deceptive Site (sometimes called “phishing” pages), as a source of Unwanted Software or as an Attack Site designed to harm your computer (otherwise known as malware). This feature also warns you if you download files that are detected as malware.

Table of Contents

What are Deceptive/Phishing, Attack Sites, Unwanted Software and Malware?

Deceptive Site (also known as "Phishing")

Attack Sites

Attack Sites are websites that try to infect your computer with malware when you visit. These attacks can be very difficult to detect; even a site that looks safe may be secretly trying to attack you. Sometimes even the website’s owner doesn’t realize that the site has become an Attack Site.

Malware

Malware is software designed to infect your computer without your knowledge. Malware is most often used to steal personal information, send junk email (spam), or spread more malware.

You can learn more about malware and Attack Sites from StopBadware, a non-profit organization that works with partners like Mozilla to protect users from malware and other dangerous software.

Unwanted Software

Unwanted Software sites are websites that try to trick you into installing programs that harm your browsing experience (for example, by changing your homepage or showing extra ads on sites you visit). You can learn more about such software on the Google Unwanted Software Policy.

How does Phishing and Malware Protection work in Firefox?

Phishing and Malware Protection works by checking the sites that you visit against lists of reported phishing, unwanted software and malware sites. These lists are automatically downloaded and updated every 30 minutes or so when the Phishing and Malware Protection features are enabled.

When you download an application file, Firefox checks the site hosting it against a list of sites known to contain "malware". If the site is found on that list, Firefox blocks the file immediately, otherwise it asks Google’s Safe Browsing service if the software is safe by sending it some of the download’s metadata.*

*Windows users: This online check will only be performed in Firefox on Windows for those downloaded files that don’t have a known good publisher. Most of the common and safe software for Windows is signed and so this final check won’t always need to happen.

How do I use the Phishing and Malware Protection features?

These features are turned on by default so, unless your security settings have been changed, you are likely already using them. Phishing and Malware Protection options preferences can be found on the Security panelPrivacy & Security panel:

To turn these features off, follow the preceding steps to return to the Security panel and remove the check marks.

To turn these features off, follow the preceding steps to return to the Privacy & Security panel and remove the check marks.

To see if Phishing Protection is active, visit our phishing test site. Likewise, you can visit our malware test site to confirm that Firefox is blocking Attack Sites as well as our unwanted software test site. With Phishing and Malware Protection turned on, all these sites should be blocked from loading.

What happens when a page or file is blocked?

Firefox will block the page from loading and display a Receptive Site warning for phishing sites, Reported Unwanted Software Page for unwanted software sites and Reported Attack Page for malware sites.

If you download malware or spyware, Firefox displays a message about the file in the Downloads panel.

Unblock.

If you download malware or other software that is potentially unwanted or uncommon, Firefox displays a message about the file in the Downloads panel.

To ignore the warning and download such a file, right-click on it in the Downloads panel and select Allow Download.

What information is sent to Mozilla or its partners when Phishing and Malware Protection are enabled?

There are two times when Firefox will communicate with Mozilla’s partners while using Phishing and Malware Protection for sites. The first is during the regular updates to the lists of reporting phishing and malware sites. No information about you or the sites you visit is communicated during list updates. The second is in the event that you encounter a reported phishing or malware site. Before blocking the site, Firefox will request a double-check to ensure that the reported site has not been removed from the list since your last update. This request does not include the address of the visited site, it only contains partial information derived from the address.

In addition to the regular list of updates mentioned above, when using Malware Protection to protect downloaded files, Firefox may communicate with Mozilla's partners to verify the safety of certain executable files. In these cases, Firefox will submit some information about the file, including the name, origin, size and a cryptographic hash of the contents, to the Google Safe Browsing service which helps Firefox determine whether or not the file should be blocked.

The Mozilla Privacy Policy describes what data Firefox and Mozilla each receive and how it"s handled. The Google Privacy Policy explains how Google handles collected data.

I’ve confirmed that my site is safe, how do I get it removed from the lists?

If you own a site that was attacked and you have since repaired it, or if you feel that your site was reported in error, you can request that it be removed from the lists. We encourage site owners to investigate any such report thoroughly, though; a site can often be turned into an attack site without any visible change.

Protection against phishing (a type of fraud whose goal is to obtain passwords, banking information and other personal information user) is present in most popular web browsers. Yandex.Browser is no exception; such protection, using Safe Browsing technologies (essentially a blacklist of unreliable websites), has been working in the browser since its inception.

Protection using blacklists (be it Safe Browsing of Yandex, Google or other analogues) has long remained the only solution. The problem is that, today, the creation of fake sites, their publication, sending spam through social media. networks and so on happens so quickly, due to the automation of these processes, that a new phishing page manages to do enough damage before it ends up in the list of bad sites and is blocked by the browser.

The new anti-phishing algorithm used in Yandex Browser has now become even more effective. In addition to Safe Browsing and password protection, which has been working in Yandex Browser for a year now, a new version browser received technology that protects numbers bank cards. This technology is based on Yandex's developments in the field of machine learning and computer vision.

You can find out in more detail how Yandex.Browser protects against phishing on the company’s official blog on Habrahabr.

The latest version of Yandex.Browser is available.

Development team Google browser Chrome urges all users of this browser to update to latest version. Yes, let me tell you...

ECS (Elitegroup Computer Systems) introduced the Liva Q2 mini-PC. The dimensions of the new item are only: 70 x 70 x 33.4 mm, weight – 260 grams. A...

In the last test Windows build 10 with index 18836 appeared new opportunity, which allows you to interact with Linux subsystem files directly...

Your browser and all add-ons are updated. But on some website you saw a notification that your computer was infected and installed the recommended security program. After which she offered to be treated for money, and it became impossible to work in the system.

No, of course, this couldn’t happen to you! After all, you are an experienced user who will never fall for such primitive tricks of scammers. What about your loved ones, friends and acquaintances - are they also experienced? Or maybe you think that simply installing an antivirus for them is enough to protect themselves from such threats?

By the way, you can distinguish a fake antivirus Microsoft Security Essentials from the present?

Last week, various friends brought my brother a computer with fake security programs. The free antiviruses from well-known manufacturers that were available in the system were defeated by more powerful counterfeit counterparts.

It's no secret that users often create problems for themselves by installing malware hiding under the guise of legitimate applications. The situation is aggravated by the fact that during installation the fakes behave decently, without giving much reason to find fault with them. And only then do they reveal themselves in all their devilish glory.

Feel like... a fish!

Phishing (fishing, literally translated) is a combination of techniques with which attackers try to:

• lure you to a fraudulent site in order to fish out personal and financial information
• encourage you to visit an infected resource where browser and add-on vulnerabilities are exploited
• slip you a disguised malware that will extort money or take control of the system

The above example with a fake antivirus is a classic phishing scam. Another common case is video add-ons. Remember the huge proportion of sites with pornography and streaming videos among all infected resources? There it is very logical to offer some kind of player for download. Do you want a free strawberry? Install the add-on! And they put it :)

The reputation of the downloaded file is determined based on:

• hash, which is unique for each file
• digital certificate with which the file is signed (one certificate provides reputation to all files that are signed with it)

Now a message about a potential danger appears only for executable files without a reputation, and according to developers' estimates, it will be possible to see it no more than 2-3 times a year.

Reputation only works for executable program files (EXE), and not for archives or multimedia files.

Uploading files with and without reputation

When the executable file has a reputation, everything happens as usual. Try downloading a free video - after the security check you will see the usual dialog box.

And here is the same file, but without reputation. Download this free video and you'll see a SmartScreen filter warning.

Please note that a program without a reputation cannot be launched immediately from the browser, although it is already saved on disk. button Execute replace buttons Delete And Actions. The latter opens a dialog box with detailed explanation reasons for blocking (the same thing happens in the IE9 download manager).

To get to the option to run the file, here you will also have to press the arrow button Additionally. Particularly persistent users will still launch it, but according to the developers, in this case the risk of running into something bad ranges from 25 to 70%.

The browser's anti-phishing filter provides an additional layer of system protection because the scan is performed before the file is executed, i.e. before it comes under antivirus surveillance.

Those who disable phishing protection in the browser, considering only an antivirus shield to be sufficient, demonstrate a superficial approach to strengthening system security.

By the way, do not confuse these messages with a warning about downloading an unsigned file (I made one as an example). It always appears when there is no digital signature, and is not part of the SmartScreen filter.

The Situation for Free Software Developers

Adding file reputation to SmartScreen filter certainly strengthens the phishing protection in IE9. However, not only new malware may lack a reputation, but also completely legitimate, but not widespread, applications. And, relatively speaking, until enough people download them, the reputation will not appear. And since it is not there, IE9 will make it difficult to launch the executable file.

One solution to the problem is digital code signing. Meanwhile, a one-year certificate from VeriSign costs $500, and from Thawte - $300. You can find it cheaper, but the order of the amount is clear. Not every author free utility for Windows, who does not make a profit from his project, is ready to spend that kind of money.

You can go ahead and join the Windows 7 Logo program, confirming the application's compatibility, which will ensure its reputation. I think that Microsoft quite consciously took this step in order to push developers to write programs that are fully compatible with Windows 7. It is curious that add-ons for IE, which the browser so needs to fight for its place in the sun, are not accepted into this program.

Developers who are not comfortable with these options for ensuring their program's reputation can package the executable file in a ZIP archive. This also makes it difficult for the installer to start, but does not scare users away with warnings.

The story about the security features of browsers is not over yet. Not all filters are equally useful, and we'll talk about their comparison in a couple of days.

One of my readers just gave an example of phishing in a discussion of a previous article. Have you encountered phishing or its consequences? Have you ever had to restore your system after using a fake antivirus? By the way, have you determined which of the two MSEs is fake? Tell us about your experience and the systems in which the problem was observed.

Attentive users Yandex.Browser we immediately noticed that the browser received a new, slightly modified logo, but this is not the most important thing - the key innovation in the latest version of the browser from Yandex is the active protection technology called Protect. And browser users are already looking for instructions not only on how to enable, but also how to disable Protect in the Yandex browser.

Protect technology consists of several protective components:

• password protection;
• protection in public network Wi-Fi;
• blocking suspicious fraudulent resources;
• checking all downloaded files.

Protection from Protect browser

Protect provides users with timely protection, which practically does not need to be managed - Yandex browser will do everything itself. The main goal of development is to prevent the occurrence of threats, and not to eliminate their consequences:

How to disable Yandex Protect technology

Yandex's Protect technology has just been introduced into the browser, and the developers have already promised that new mechanisms will be introduced in the future that will combat other threats. But despite its benefits, users also noticed that the browser often blocks sites that do not pose threats. Not everyone is happy with this state of affairs, so I decided to try disabling the protection Protect Yandex. To turn off the Protect technology, first you need to find the icon in the form of three stripes, and then select “Settings”.

After opening the settings, scroll to the bottom of the page and look for the “Show additional settings” button. Now go to the “Personal Data Protection” settings block and uncheck the “Enable protection against malware", that is, turn off protection Protect from malware.

The article talks about what password phishing is, how it is carried out, why it is used by attackers, and how to protect yourself from it.

Start

Just 15 years ago, not everyone could boast of having home computer, but about fast and unlimited internet All that was left was to dream. Fortunately, they are developing similar technologies very quickly, and nowadays you won’t surprise anyone with having a PC or access to the Internet. Every year digital technologies become more accessible, simple and attractive. Almost all enterprises, institutions and organizations have switched to electronic document management, and the range of services provided via the Internet is constantly growing and expanding.

All this leads to the fact that virtual space increasingly important personal or classified information. For example, data electronic wallets, passwords for them, etc. Naturally, all this attracts attackers, and for a long time no one will be surprised by stories about how hackers are hired to “take down” a competitor’s website or obtain compromising information.

In addition to the listed values ​​and information, attackers are also interested in its intangible component. K and password to the account of some online game, paid service, etc. And often, in addition to the usual virus attack, they use a method such as phishing. So what is password phishing and how can you protect yourself from it? We'll figure this out.

Definition

First, let's talk a little about terminology. The word "phishing" came to us from in English(English fishing - fishing, fishing). As in the case of real fishing, the point of this action is to throw “bait” to the user and simply wait until the latter falls on the hook and “merges” passwords with logins. But what is password phishing and how is it technically implemented?

Unlike Trojans, keyloggers and backdoors, password phishing is implemented more simply, but at the same time more cunning, and often users do not notice the trick at all. So how is this method implemented?

It's actually quite simple. The attacker copies the source code of the page, for example, authorization postal service, and uploads it to his rented hosting, where he, of course, placed his fictitious data. Then it creates the address of this page very similar to the original one, for example, if the real address looks like e.mail./login?email, then the fake one looks like e..mail./login?email. As you can see, the difference is only in one point; you must admit, not everyone will notice it. Also, the fictitious page is configured so that after entering data (login and password), they are saved on the hacker’s website. So now we know what password phishing is.

Naturally, when authorizing, the user will receive an error, but in some cases, in order to further mislead, the attacker creates a script that will report that the login-password combination is incorrect, and the user will be redirected to this page authorization.

Password protection against phishing. What is this?

Now we come to how to protect ourselves from such theft. Firstly, you should never click on suspicious links, especially if these are authorization forms for some services or other services whose data is important to you. Especially if you were already logged in there and the session did not end. Secondly, always pay attention to the page address. Naturally, they make it as similar as possible, but differences still exist. And thirdly, it is important to remember that any device with Internet access that is frequently used must have an antivirus installed, be it a PC, tablet or smartphone. All modern versions can recognize fake pages.

Well, in addition: many services protect themselves from this; this is done with special page code and scripts, because of which their code cannot simply be copied and used as bait.

Mass distribution

This type of fraud became especially widespread about 10 years ago, at that time such a thing as a password phishing program appeared. The point of this software was that with its help anyone could easily and quickly create a copy of a phishing page. Fortunately, now similar programs are of little relevance, since the design of authorization forms and their code often changes to prevent the theft of passwords and logins.

The meaning of theft

Nowadays, the value of electronic data and other information is difficult to underestimate. Criminals also understand this, so they try to get them in every possible way. Moreover, they are interested not only in specific important data, for example, the number credit card, access passwords to electronic wallets, but also access data to mail, social networks, etc.

So now we know what password protection against phishing means and how important it is.

For example, having gained access to a page on a social network, a fraudster can find out a lot of compromising information about a person and later begin to blackmail him. And the abundance of services for “hide and seek” on the Internet, anonymous payment systems, etc., only simplify this, and it is very, very difficult to catch such a hacker. Although in last years this is happening more and more often.

Conclusion

Also, everyone is hearing about a recently popular type of “scam,” when, having obtained passwords, a hacker, on behalf of the victim, asks her friends to borrow money. So protecting your password from phishing is an important aspect computer security. It is clearly not worth neglecting.