Compare Revisions
How does built-in Phishing and Malware Protection work?
Revision 50197:
Revision 50197 by AliceWyman on
Revision 61029:
Revision 61029 by irahal on
Keywords:
Search results summary:
Firefox contains built-in Phishing and Malware Protection to help keep you safe online. This article explains how they work.
Firefox contains built-in Phishing and Malware Protection to help keep you safe online. This article explains how they work.
Content:
Firefox contains built-in Phishing and Malware Protection to help keep you safe online. These features will warn you when a page you visit has been reported as a Web Forgery of a legitimate site (sometimes called “phishing” pages) or as an Attack Site designed to harm your computer (otherwise known as malware).
__TOC__
=What is a Web Forgery? What is Phishing?=
Web Forgery (also known as “Phishing”) is a form of identity theft that occurs when a malicious Web site impersonates a legitimate one in order to trick you into giving up sensitive information such as passwords, account details, or credit card numbers. Phishing attacks usually come from email messages that attempt to lure the recipient into updating their personal information on fake, but very real looking, Web sites. More information on phishing can be found at the [http://www.antiphishing.org/ Anti-Phishing Working Group], and there are a number of examples and resources available at the [http://en.wikipedia.org/wiki/Phishing Wikipedia Phishing page].
=What is an Attack Site? What is Malware?=
Malware is software designed to infect your computer without your knowledge. Malware is most often used to steal personal information, send junk e-mail (spam), or spread more malware.
Attack Sites are Web sites that try to infect your computer with malware when you visit. These attacks can be very difficult to detect; even a site that looks safe may be secretly trying to attack you. Sometimes the Web site’s owner won’t even know that the site has been turned into an Attack Site.
You can learn more about malware and Attack Sites from [http://www.stopbadware.org/firefox StopBadware], a non-profit organization that works with partners like Mozilla to protect users from malware and other dangerous software.
=How does Phishing and Malware Protection work in Firefox?=
Phishing and Malware Protection works by checking the sites that you visit against lists of reported phishing and malware sites. These lists are automatically downloaded and updated every 30 minutes or so when the Phishing and Malware Protection features are enabled. The technical details of the safe-browsing protocol are also [http://code.google.com/p/google-safe-browsing/wiki/Protocolv2Spec publicly available].
=What information is sent to Mozilla or its partners when Phishing and Malware Protection are enabled?=
There are two times when Firefox will communicate with Mozilla’s partners while using Phishing and Malware Protection. The first is during the regular updates to the lists of reporting phishing and malware sites. No information about you or the sites you visit is communicated during list updates. The second is in the event that you encounter a reported phishing or malware site. Before blocking the site, Firefox will request a double-check to ensure that the reported site has not been removed from the list since your last update. In both cases, existing cookies you have from google.com, our list provider, may also be sent.
The [https://www.mozilla.org/en-US/privacy-policy.html Mozilla Privacy Policy] expressly forbids the collection of this data by Mozilla or its partners for any purpose other than improvement of the Phishing and Malware Protection feature. The [http://www.google.com/intl/en/privacypolicy.html Google Privacy Policy] explains how Google handles user cookies.
=How do I use the Phishing and Malware Protection features?=
These features are turned on by default so, unless your security settings have been changed, you are likely already using them. Phishing and Malware Protection {for win}options{/for}{for mac,linux}preferences{/for} can be found on the [[Security and passwords settings|Security panel]]: [[T:optionspreferences]] and click on {menu Security}.
You can test to see if Phishing Protection is active by trying to visit our [https://www.mozilla.org/firefox/its-a-trap.html phishing test site]. Likewise, you can try to visit our [https://www.mozilla.org/firefox/its-an-attack.html malware test site] to confirm that Firefox is blocking Attack Sites as well. With Phishing and Malware Protection turned on, both sites should be blocked from loading.
=I’ve confirmed that my site is safe, how do I get it removed from the lists?=
If you own a site that was attacked and you have since repaired it, or if you feel that your site was reported in error, you can request that it be removed from the lists. We encourage site owners to investigate any such report thoroughly, though; a site can often be turned into an attack site without any visible change.
*To request removal from the list of reported phishing sites, [http://www.google.com/safebrowsing/report_error/?tpl=mozilla use this form] provided by Google.
*To request removal from the list of reported malware sites, [http://www.stopbadware.org/home/reviewinfo use this one], provided by stopbadware.org.
Firefox contains built-in Phishing and Malware Protection to help keep you safe online. These features will warn you when a page you visit has been reported as a Web Forgery of a legitimate site (sometimes called “phishing” pages) or as an Attack Site designed to harm your computer (otherwise known as malware).
__TOC__
=What is a Web Forgery? What is Phishing?=
Web Forgery (also known as “Phishing”) is a form of identity theft that occurs when a malicious Web site impersonates a legitimate one in order to trick you into giving up sensitive information such as passwords, account details, or credit card numbers. Phishing attacks usually come from email messages that attempt to lure the recipient into updating their personal information on fake, but very real looking, Web sites. More information on phishing can be found at the [http://www.antiphishing.org/ Anti-Phishing Working Group], and there are a number of examples and resources available at the [http://en.wikipedia.org/wiki/Phishing Wikipedia Phishing page].
=What is an Attack Site? What is Malware?=
Malware is software designed to infect your computer without your knowledge. Malware is most often used to steal personal information, send junk e-mail (spam), or spread more malware.
Attack Sites are Web sites that try to infect your computer with malware when you visit. These attacks can be very difficult to detect; even a site that looks safe may be secretly trying to attack you. Sometimes the Web site’s owner won’t even know that the site has been turned into an Attack Site.
You can learn more about malware and Attack Sites from [http://www.stopbadware.org/firefox StopBadware], a non-profit organization that works with partners like Mozilla to protect users from malware and other dangerous software.
=How does Phishing and Malware Protection work in Firefox?=
Phishing and Malware Protection works by checking the sites that you visit against lists of reported phishing and malware sites. These lists are automatically downloaded and updated every 30 minutes or so when the Phishing and Malware Protection features are enabled. The technical details of the safe-browsing protocol are also [http://code.google.com/p/google-safe-browsing/wiki/Protocolv2Spec publicly available].
=What information is sent to Mozilla or its partners when Phishing and Malware Protection are enabled?=
There are two times when Firefox will communicate with Mozilla’s partners while using Phishing and Malware Protection. The first is during the regular updates to the lists of reporting phishing and malware sites. No information about you or the sites you visit is communicated during list updates. The second is in the event that you encounter a reported phishing or malware site. Before blocking the site, Firefox will request a double-check to ensure that the reported site has not been removed from the list since your last update. In both cases, existing cookies you have from google.com, our list provider, may also be sent.
The [https://www.mozilla.org/en-US/privacy-policy.html Mozilla Privacy Policy] expressly forbids the collection of this data by Mozilla or its partners for any purpose other than improvement of the Phishing and Malware Protection feature. The [http://www.google.com/intl/en/privacypolicy.html Google Privacy Policy] explains how Google handles user cookies.
=How do I use the Phishing and Malware Protection features?=
These features are turned on by default so, unless your security settings have been changed, you are likely already using them. Phishing and Malware Protection {for win}options{/for}{for mac,linux}preferences{/for} can be found on the [[Security and passwords settings|Security panel]]: [[T:optionspreferences]] and click on {menu Security}.
You can test to see if Phishing Protection is active by trying to visit our [http://www.mozilla.org/firefox/its-a-trap.html phishing test site]. Likewise, you can try to visit our [https://www.mozilla.org/firefox/its-an-attack.html malware test site] to confirm that Firefox is blocking Attack Sites as well. With Phishing and Malware Protection turned on, both sites should be blocked from loading.
=I’ve confirmed that my site is safe, how do I get it removed from the lists?=
If you own a site that was attacked and you have since repaired it, or if you feel that your site was reported in error, you can request that it be removed from the lists. We encourage site owners to investigate any such report thoroughly, though; a site can often be turned into an attack site without any visible change.
*To request removal from the list of reported phishing sites, [http://www.google.com/safebrowsing/report_error/?tpl=mozilla use this form] provided by Google.
*To request removal from the list of reported malware sites, [http://www.stopbadware.org/home/reviewinfo use this one], provided by stopbadware.org.