Wednesday, March 29, 2006

Anti-Phishing Utilities for Firefox

Below are some browser extensions for the Firefox browser that are designed to help you detect if a web site has been spoofed. A spoofed web site is a site designed to look like another web site (generally a popular site like: eBay, Citibank, etc...) to steal your personal information (such as your user account and password or credit card information).

This is generally known as a 'phishing attack', a very popular trick that criminals use. It generally starts out when you receive an official looking email from a popular company, and it requests that you update your account information because of some event (like a database was compromised).

This email generally contains a link to the spoofed company web site and asked you to enter your account information. This is where the criminal will capture your information, then possibly send you to the real site.
  • ShowIP
    Displays the IP address of the current web page you're visiting in the browser's status bar (at the bottom of the window). It also allows you to perform searches for certain IP related information (just right-click the IP address in the status bar). For example, you can see who owns the IP address (WHOIS), or display information from Netcraft (which tracks information on these addresses), you can also copy the IP address to the clipboard if you need to.
  • SpoofStick
    This extension helps detect if the web site your visiting may have been spoofed. Using large and brightly colored words in the toolbar.
Note: Criminals are always coming up with new ways to make their spoofed web sites look more realistic and harder to detect. These utilities are no replacement for common sense, so never trust emails from any company that offers a link to their site, go their directly yourself.
Post a Comment