From MozillaZine Knowledge Base
Browsing the web can be dangerous, some websites have malicious content and may harm your computer or your privacy. The term "Safe Browsing" combines protection against
Mozilla applications offer some protection against such websites since Firefox 2.0 (malware protection since 3.0) and SeaMonkey 2.18. If the feature is enabled, a list of domains which have been reported as being malicious is downloaded in regular intervals. The address (URL) of each website the user is about to visit is compared against these lists and a warning issued before the content of that website is actually loaded. In this way, the user has the opportunity to cancel the loading process before any potential harm is done.
Scope of this article
The main topic discussed here is the Safe browsing feature in Mozilla browsers, not the discussion of good practices when browsing the web in general. As a rule of thumb though, it is always a good idea to be careful when browsing and to utilize available precautionary measures.
Safe browsing should be complemented by disabling plug-ins which are not needed on a regular basis (such as Java) and installing add-ons like NoScript or FlashBlock to avoid loading content that may exploit vulnerabilities. Warning signs like certificate problems with encrypted connections should be taken seriously and the trustworthiness of the web site connected to verified; it is fairly straight-forward to generate a self-signed certificate that a malicious site may use to present itself as a legitimate site.
Depending on the application you are using, the settings are in different preference panels:
There are two checkboxes associated with warnings for malware and phishing sites to enable the respective features:
Both are checked by default, thus in general there is nothing you need to do to stay protected.
When a website is listed
If you enter the address of a website reported as malicious, or try to visit it from a link provided in another website or from an e-mail or news messages, one of the following warnings will be shown:
→ The website has been reported as containing potentially harmful content to distribute malware (e.g., viruses or spam engines).
→ The website has been reported as pretending to be another website (e.g., of a banking institution) in order to obtain personal information from the user (most frequently username and password to the site which is imitated).
No harm has been done up to this point.
Options to proceed
There are three ways to proceed when a warning has been triggered:
Reporting errors in the list
After clicking "Ignore this warning" an information bar is shown on top of the web page:
The infobar can be dismissed with the [x] in its corner. It also provides a "Get me out of here!" button to leave that web page after it has loaded (keep in mind that at this time, malicious content may already have been loaded).
If you are sure that this is a false warning, the provider can be informed using the "This isn't an attack site" or "This isn't a web forgery" button (depending on the type of the warning). This will open a tab at http://www.stopbadware.org/ (for malware) or http://www.google.com/ (for phishing attempts) where you can enter details to consider removing that site from the respective list.
Mail & news messages
Neither Thunderbird nor SeaMonkey have to date extended the Safe browsing feature to e-mail and newsgroup messages. The Scam alert is strictly rule based and not tied into the phishing list provided by Google (or any other provider). However, when following a link which turns out to be pointing to a malicious site, the browser should catch such a site at this time.
It is a different case with build-in or add-on provided browsing capabilities in Thunderbird. Using the Search the Web function or an add-on like Thunderbrowse will not provide the same safety as opening the link in the actual browser, given that Thunderbird will not verify the web page against either malware or phishing lists.