Phishing protection: Difference between revisions
m (added link to the respective Wikipedia page) |
(→Scam warning: copy-pasted content from the TB 5.0 article) |
||
Line 4: | Line 4: | ||
# [[Safe browsing]] ''(Firefox and SeaMonkey)'' | # [[Safe browsing]] ''(Firefox and SeaMonkey)'' | ||
# [[Junk Mail Controls]] ''(Thunderbird and SeaMonkey)'' | # [[Junk Mail Controls]] ''(Thunderbird and SeaMonkey)'' | ||
===Scam warning=== | |||
The implementation of the scam feature remains incomplete [https://bugzilla.mozilla.org/show_bug.cgi?id=654502]. It is based on a fixed set of rules which are triggered when an HTML message contains links with either a numerical IP address or where the text over the link suggests a different target than the actual link underneath. Unfortunately, many newspaper-style messages and notices follow the latter pattern, usually to keep track of clicked links in such messages to get some statistics how frequently such a link was clicked. There is currently no way to white-list such links [https://bugzilla.mozilla.org/show_bug.cgi?id=320351], and no service similar to the Google-based phishing list Firefox is using has been established for Thunderbird [http://groups.google.com/group/tb-planning/browse_thread/thread/46da904ec70e5dee]. | |||
{{Right-pic|Tb50scamWarning.png}} | |||
A request to disable the feature by default for the time being has thus far been denied [https://bugzilla.mozilla.org/show_bug.cgi?id=623198], but as a workaround it has been made more apparent that the feature ''can'' be switched off. The scam warning now comes with a direct link which will disable the feature for this and all other messages [https://bugzilla.mozilla.org/show_bug.cgi?id=653103], thus it's easier to find when too many false positives are reported. To reactivate the scam warnings, check the respective box in the Security → E-mail Scams options. | |||
Note that, even though Thunderbird does not have an agreement yet with a phishing-list provider, right-clicking on a suspicious link in a message you received allows you to report that link as such to a provider [https://bugzilla.mozilla.org/show_bug.cgi?id=653798]. | |||
[[Category:Privacy and security]] | [[Category:Privacy and security]] |
Revision as of 19:07, 2 June 2013
Phishing is a malicious attempt to gather private information, usually credentials (username and password) for login to sensitive sites (e.g., on-line banking) or other sensitive information (credit-card or social-security numbers).
See the following articles, depending on whether you are looking for protection when browsing websites or for e-mail messages:
- Safe browsing (Firefox and SeaMonkey)
- Junk Mail Controls (Thunderbird and SeaMonkey)
Scam warning
The implementation of the scam feature remains incomplete [1]. It is based on a fixed set of rules which are triggered when an HTML message contains links with either a numerical IP address or where the text over the link suggests a different target than the actual link underneath. Unfortunately, many newspaper-style messages and notices follow the latter pattern, usually to keep track of clicked links in such messages to get some statistics how frequently such a link was clicked. There is currently no way to white-list such links [2], and no service similar to the Google-based phishing list Firefox is using has been established for Thunderbird [3].
A request to disable the feature by default for the time being has thus far been denied [4], but as a workaround it has been made more apparent that the feature can be switched off. The scam warning now comes with a direct link which will disable the feature for this and all other messages [5], thus it's easier to find when too many false positives are reported. To reactivate the scam warnings, check the respective box in the Security → E-mail Scams options.
Note that, even though Thunderbird does not have an agreement yet with a phishing-list provider, right-clicking on a suspicious link in a message you received allows you to report that link as such to a provider [6].