In a previous post, the concept of spear-phishing was introduced. Its more common relative, phishing, is one of the most notorious online security threats. Phishing refers to an attempt by a hacker to obtain confidential information about a user through fraudulent means – specifically, by pretending to be a legitimate communication from a credible source. In a typical phishing scheme, a spam email will direct a reader to an external website, often with a masked URL. When the user inputs his or her information, it falls into the hands of the cybercriminal. Usernames, passwords, credit card information and the like are then up for grabs (the perpetrators themselves can steal someone’s online identity or they might instead choose to sell the details to a well-paying source).
Even the most diligent of us might someday be fooled as the fake email notifications and websites look increasingly authentic. Lucky for us, popular browsers are just as concerned about protecting our online safety.
A number of browsers have built-in protection like anti-phishing features; these include Mozilla Firefox 2 or later, Microsoft Internet Explorer 7 or later, and Safari 3.2 or later. An alert will warn users of suspicious circumstances, hopefully preventing would-be victims from falling prey to (usually) financial scams. (There is some debate over how effective these warnings are, but a browser can only do so much for a determined human.)
Another useful feature is domain name highlighting (available on IE8 and Google Chrome, also as an extension for Firefox), which helpfully points users to the actual domain name of a site. On a fraudulent website, the domain name might appear to be that of a legitimate bank, but that bank’s name is followed by other spam-like letters and numbers—the real domain name.
To guarantee that you are always best protected online, make sure that you have the latest version of your browser. This information is easily accessed through the “About” section of your chosen browser, or “Help” then “About.” It is also wise to stay informed of patches and upgrades, but only from trusted sources!
(For PayPal’s Safer Browsers FAQ, click here.)