Firefox 内置了反钓鱼和反恶意软件保护以帮助用户安全的浏览网页。这些特性将在您访问仿冒网站（有时也叫 钓鱼网站）或针对您的计算机的攻击性站点（也叫 恶意程序）时警告您。 __TOC__ = 什么是仿冒网站？什么是钓鱼攻击？ = 仿冒网站（也叫 钓鱼网站）是假冒成合法网站以欺骗您输入例如密码，账户信息，银行卡号等敏感信息的网站。钓鱼攻击通常利用电子邮件传播，引诱接收者在和真正网站非常相似的假冒网站上输入他们的个人信息。关于钓鱼的更多信息可参阅 [http://www.antiphishing.org/ 反钓鱼工作组官网（英文）]，在钓鱼攻击的 [http://zh.wikipedia.org/wiki/%E9%92%93%E9%B1%BC%E5%BC%8F%E6%94%BB%E5%87%BB Wikipedia 页面] 也上有一些仿冒网站的例子。 = 什么是攻击性站点？什么是恶意软件？ = 恶意软件是一种用于不经过您同意而影响您计算机的软件。恶意软件通常会窃取个人信息，发送垃圾邮件，或者扩散更多的恶意软件。 攻击性站点是一类在您访问时试图使用恶意软件影响您的计算机的网站。这些攻击可能会非常难以防御，即使是看起来非常安全的网页也可能正秘密地攻击您。有时这些网站的所有者甚至都不知道他们的网站已经沦为攻击性站点。 要了解更多关于恶意软件和攻击性站点，请参阅 [https://www.stopbadware.org/firefox 停止恶意软件（英文）] 。 =How does Phishing and Malware Protection work in Firefox?= Phishing and Malware Protection works by checking the sites that you visit against lists of reported phishing and malware sites. These lists are automatically downloaded and updated every 30 minutes or so when the Phishing and Malware Protection features are enabled. The technical details of the safe-browsing protocol are also [http://code.google.com/p/google-safe-browsing/wiki/Protocolv2Spec publicly available]. =What information is sent to Mozilla or its partners when Phishing and Malware Protection are enabled?= There are two times when Firefox will communicate with Mozilla’s partners while using Phishing and Malware Protection. The first is during the regular updates to the lists of reporting phishing and malware sites. No information about you or the sites you visit is communicated during list updates. The second is in the event that you encounter a reported phishing or malware site. Before blocking the site, Firefox will request a double-check to ensure that the reported site has not been removed from the list since your last update. In both cases, existing cookies you have from google.com, our list provider, may also be sent. The [https://www.mozilla.org/en-US/privacy-policy.html Mozilla Privacy Policy] expressly forbids the collection of this data by Mozilla or its partners for any purpose other than improvement of the Phishing and Malware Protection feature. The [http://www.google.com/intl/en/privacypolicy.html Google Privacy Policy] explains how Google handles user cookies. =How do I use the Phishing and Malware Protection features?= These features are turned on by default so, unless your security settings have been changed, you are likely already using them. Phishing and Malware Protection {for win}options{/for}{for mac,linux}preferences{/for} can be found on the [[Security and passwords settings|Security panel]]: [[T:optionspreferences]] and click on {menu Security}. You can test to see if Phishing Protection is active by trying to visit our [https://www.mozilla.org/firefox/its-a-trap.html phishing test site]. Likewise, you can try to visit our [https://www.mozilla.org/firefox/its-an-attack.html malware test site] to confirm that Firefox is blocking Attack Sites as well. With Phishing and Malware Protection turned on, both sites should be blocked from loading. =I’ve confirmed that my site is safe, how do I get it removed from the lists?= If you own a site that was attacked and you have since repaired it, or if you feel that your site was reported in error, you can request that it be removed from the lists. We encourage site owners to investigate any such report thoroughly, though; a site can often be turned into an attack site without any visible change. *To request removal from the list of reported phishing sites, [http://www.google.com/safebrowsing/report_error/?tpl=mozilla use this form] provided by Google. *To request removal from the list of reported malware sites, [http://www.stopbadware.org/home/reviewinfo use this one], provided by stopbadware.org.

Firefox 内置了反钓鱼和反恶意软件保护以帮助用户安全的浏览网页。这些特性将在您访问仿冒网站（有时也叫 钓鱼网站）或针对您的计算机的攻击性站点（也叫 恶意程序）时警告您。

什么是仿冒网站？什么是钓鱼攻击？

仿冒网站（也叫 钓鱼网站）是假冒成合法网站以欺骗您输入例如密码，账户信息，银行卡号等敏感信息的网站。钓鱼攻击通常利用电子邮件传播，引诱接收者在和真正网站非常相似的假冒网站上输入他们的个人信息。关于钓鱼的更多信息可参阅 反钓鱼工作组官网（英文），在钓鱼攻击的 Wikipedia 页面 也上有一些仿冒网站的例子。

什么是攻击性站点？什么是恶意软件？

恶意软件是一种用于不经过您同意而影响您计算机的软件。恶意软件通常会窃取个人信息，发送垃圾邮件，或者扩散更多的恶意软件。

攻击性站点是一类在您访问时试图使用恶意软件影响您的计算机的网站。这些攻击可能会非常难以防御，即使是看起来非常安全的网页也可能正秘密地攻击您。有时这些网站的所有者甚至都不知道他们的网站已经沦为攻击性站点。

要了解更多关于恶意软件和攻击性站点，请参阅 停止恶意软件（英文） 。

How does Phishing and Malware Protection work in Firefox?

Phishing and Malware Protection works by checking the sites that you visit against lists of reported phishing and malware sites. These lists are automatically downloaded and updated every 30 minutes or so when the Phishing and Malware Protection features are enabled. The technical details of the safe-browsing protocol are also publicly available.

What information is sent to Mozilla or its partners when Phishing and Malware Protection are enabled?

There are two times when Firefox will communicate with Mozilla’s partners while using Phishing and Malware Protection. The first is during the regular updates to the lists of reporting phishing and malware sites. No information about you or the sites you visit is communicated during list updates. The second is in the event that you encounter a reported phishing or malware site. Before blocking the site, Firefox will request a double-check to ensure that the reported site has not been removed from the list since your last update. In both cases, existing cookies you have from google.com, our list provider, may also be sent.

The Mozilla Privacy Policy expressly forbids the collection of this data by Mozilla or its partners for any purpose other than improvement of the Phishing and Malware Protection feature. The Google Privacy Policy explains how Google handles user cookies.

How do I use the Phishing and Malware Protection features?

These features are turned on by default so, unless your security settings have been changed, you are likely already using them. Phishing and Malware Protection optionspreferences can be found on the Security panel: 在屏幕上方的菜单栏里点击 Firefox 并（根据 macOS 的版本不同）选择 首选项 或 设置。点击菜单按钮 并选择设置。 and click on Security.

You can test to see if Phishing Protection is active by trying to visit our phishing test site. Likewise, you can try to visit our malware test site to confirm that Firefox is blocking Attack Sites as well. With Phishing and Malware Protection turned on, both sites should be blocked from loading.

I’ve confirmed that my site is safe, how do I get it removed from the lists?

If you own a site that was attacked and you have since repaired it, or if you feel that your site was reported in error, you can request that it be removed from the lists. We encourage site owners to investigate any such report thoroughly, though; a site can often be turned into an attack site without any visible change.

• To request removal from the list of reported phishing sites, use this form provided by Google.
• To request removal from the list of reported malware sites, use this one, provided by stopbadware.org.