Firefox 2 no longer supported - phishing filter disabled
If you are still browsing the Internet (and reading this) with Firefox 2.x, you need to know that support for it has ceased. Mozilla.org is no longer releasing any security updates to this line, which ended at version 2.0.0.20, in December 2008. With that final security update an existing security feature was disabled. Mozilla has turned off the anti-phishing filter built into Firefox browsers, from 2.0 up. This was done at the request of Google, who maintain the databases used by the phishing filter. However, the anti phishing filter is alive and well in the new series 3 Firefox browsers. For your continued security I recommend that you upgrade to Firefox 3.x as soon as possible.
If you have an older version of Firefox 2.x and the anti phishing filter is still enabled on it, I have bad news for you. On Monday, January 19, 2009, Google turned off the phishing website blacklist for Firefox 2.x browsers. Even though your browser may show the anti phishing filter as active its database is no longer being updated. This gives a false sense of security where none exists. Phishing websites typically have a useful life of between 3 days to two weeks, before they are reported and taken down by hosting providers or ISPs. If your anti phishing filter is not receiving regular updates you will be completely out-dated in a week or two. The websites in your blacklist will probably be inactive (as phishing sites), but newly discovered sites won't be added to your database.
You have some tough choice to make if you want to have Firefox browser protection against phishing attacks via compromised websites. If you choose to not upgrade to Firefox 3.x you should disable the setting "Tell me if the site I'm visiting is a suspected forgery" in the Security preferences section of Firefox 2.0's Options dialog box.
Here are your anti-phishing security options.
- Upgrade to Firefox 3.x which Google is supporting with new anti phishing updates (Recommended)
- Install the Netcraft Toolbar for Firefox
- Install the McAfee SiteAdvisor Toolbar for Firefox
- Install the Trend Micro Web Protection Add on (beta)
- Trend Micro Internet Security (PC-cillin)
All of the above options will detect and prevent access to known phishing websites. The Trend Micro programs also block access to malware distribution or exploit coded websites.
Trend Micro Internet Security products, for home and office users, use in-the-cloud malware definitions that are updated every day, all day, as soon as new or altered strains of viruses and other malware are detected in the wild and analyzed. By offloading the bulk of these ever changing virus definitions to cloud servers, the load on your computers is greatly reduced. All users of Trend security programs are instantly protected from hostile web pages laden with malware exploits and hostile email, by the Trend Micro Smart Protection Network.
This weblog is licensed under a Creative Commons License.The content on this blog may be reprinted provided you do not modify the content and that you give credit to Wizcrafts and provide a link back to the blog home page, or individual blog articles you wish to reprint. Commercial use, or derivative work requires written permission from the author.
