Google & Firefox 2 Anti-Phishing Warning In Action


Last month, I covered a number of ways that browsers and search engines are working together to protect surfers from phishing sites. These are sites pretending to be run by someone else, such as bank, in hopes of catching your personal log-in information.

This week while doing my banking, I got to see a phishing warning actually happen through the Google – Firefox 2 partnership. It was also an incorrect warning, which made the experience even more interesting. Below, a look at what happened when I visited Citibank.

I went to the CitiCards site, which I’ve long used. I typed in the URL, rather than doing a search for it. That meant I was pretty sure I’d hit the right site. Still, watching my browser screen go dark and this message was kind of scary:

Google/Firefox Phishing Warning

I double-checked everything to make sure I hadn’t gone to the wrong place. I hadn’t. So, I tried the "This isn’t a web forgery" option to see what would happen. That got me to this page:

Google/Firefox Phishing Incorrect Warning Report Page

I submitted the information, then got a confirmation page telling me that I’d done my good deed for the day.

What if you were like Citibank, tagged as a phishing site by mistake? There’s a generic report page here that says:

If you believe Google Safe Browsing is warning users of misleading activity on what is actually a safe page, please complete the form below to report the error to our Google Safe Browsing team. They’ll act quickly to address any possible errors. Learn more

Sadly, the "Learn more" link generates an error in Google’s help area. There is a general section on safe browsing here, but I didn’t spot any topics specifically for site owners. If anyone has advice they know of, drop it in the comments below. I’ll also check with Google on this.

Google maintains the master blacklist used by its own toolbar and Firefox. Michael Sutton has a recent and interesting look at it here.

Also see my AOL Has "Safest" Results & Free Results Safer Than Paid  article from last month. It covers a recent survey on the safety of search results plus provides a long list of tools you can try to protect yourself from the major search engines and others.



Danny Sullivan is editor-in-chief of Search Engine Land. He’s a widely cited authority on search engines and search marketing issues who has covered the space since 1996. Danny also oversees Search Engine Land’s SMX: Search Marketing Expo conference series, maintains a personal blog called Daggle and microblogs on Twitter as @dannysullivan.

See more articles by Danny Sullivan >


Share, Bookmark & Discuss This Article
More:


Keep Updated: News Via Email | News Via RSS Feed | News Via Twitter


See more stories like this in the Members Library! Check out the Search Features: Safety, Toolbars & Add-Ons sections of the Members Library where this story is filed. Members also get access to exclusive video content, a members-only weekly & monthly newsletter, plus more. Check out all the benefits!

2 COMMENTS ON Google & Firefox 2 Anti-Phishing Warning In Action

yoramn,

The problem with these phishing filters is that they are immature and many Internet fraud attempts can still get through. Gartner agrres with this statement.
The only solution that can really protect users from scam is a combination of
1. Phishing filter
2. Detection of non phishing scam sites
3. Warning the user before he clicks a link about the potential problems of following the link
4. Positive identification of good sites and thir owners providing the information to the user in order to help him deciding if it is OK to deal with a site

There are solutions providing all the above, like CallingID



S0crates9,

The best way to address phishing, is to consult with a team that does it. Use the knowledge to create soem sort of heuristics detection along with a database of known “whitelist” sites.




RECENT COMMENTS

  • Chris Silver Smith said " Wow - my coincidental timing couldn't have been better, what with Rupert Murdoch getting quoted this"
  • George Michie said " Clearly they're promoting the product. Why wouldn't they? The only odd piece of the equation is that"
  • LinkLift said " Eric, this seems a bit too optimistic. From our experience, the losses for simultaneous domain and s"

See All »


FREE DAILY SEARCH NEWS RECAP!

Stay on top of all the search news with our daily summary, the SearchCap newsletter. View a sample ›

STAY CURRENT THROUGHOUT THE DAY

RSS Feeds

The Search Engine Land feed keeps you informed as news happens. SEE ALL FEEDS »

Upcoming Search Engine Land Conferences

Advertise With Us »

Search Engine Land produces SMX, the Search Marketing Expo conference series. SMX events deliver the most comprehensive educational and networking experiences - whether you're just starting in search marketing or you're a seasoned expert.


SMX Web Site » | SMX Difference » | SMX News »


Join us at an upcoming SMX event:

Search Marketing Now Learn more about search marketing with our free online webcasts and webinars from our sister site, Search Marketing Now. Upcoming online events include:


See more webcast topics »

TRACK US SOCIALLY
Upcoming Search Engine Land Conferences

Get Your Search Engine Land
Premium Membership!

Become a premium member today and receive:

  • Express commenting privileges & photo.
  • Exclusive videos & newsletters.
  • Discounts to our SMX conferences.
  • Access to "How To" & Other Archives.

Learn More

Upcoming Search Engine Land Conferences
Add to GoogleAdd to My Yahoo!Add to BloglinesAdd to NetvibesAdd to Windows Live