A phishing follow-up

My e-mail inbox has been remarkably free of phishing messages lately, so I haven’t been able to compare the performance of the IE7 and Google/Firefox phishing filters, as I promised last week. (The filters on my e-mail server do an excellent job of blocking this junk.)

Today, I finally got one – a come-on from a Romanian server attempting to get my Bank of America credentials. The good news is that both IE7 and the Google Toolbar for Firefox nailed it. (Firefox 2 Beta 1 allowed it right through, but that’s to be expected since the phishing feature isn’t turned on yet.)

In looking at the two browsers side by side, I was able to compare the different behaviors. Here’s IE7:

[Screenshot: IE7 phishing warning page]

The URL appears in the address bar, but the page itself is completely blocked. I have to choose to click a link to go to the suspicious page. Any other option sends me somewhere else, away from the unsafe site.

Now here’s how the Google Toolbar flags the same site in Firefox:

[Screenshot: Google Toolbar “Web Forgery” warning in Firefox]

The phony page is visible, but grayed out. If I try to click on the site, it doesn’t work because the Web Forgery dialog box has completely taken over the focus. That’s good. And the Get me out of here! link is unmistakable in its effect. The only part I don’t like is the big X in the upper right corner. I don’t know about you, but I’ve learned, Pavlov-style, to click that X whenever I see a popup window or a warning dialog box. In this case, though, clicking the X dismisses the dialog box and allows you to go to the page.

That default behavior seems wrong to me. If I’ve chosen to use a piece of security software, I want it to protect me from any threat unless I specifically and unequivocally choose to ignore its warning. The X in the dialog box is ambiguous, and in my opinion the default behavior in that case should be the exact opposite: I didn’t choose to ignore the warning, so send me somewhere else, far away from that threat.

If anyone at Google or Mozilla is listening, consider this a feature request.

3 thoughts on “A phishing follow-up”

  1. Sign up for a Gmail account and pop the link on this site (or better still on ZDNet) and wait for the phishing emails to roll in! 🙂

    I’m testing Norton Confidential Beta and I deleted all my phishing emails earlier so I’m waiting for a few to roll in for testing too!

  2. Actually, I have a Gmail account with an address that I’ve posted publicly in a few forums (not associated with my real identity at all). So it gets lots and lots and lots of spam. But Google does a very good job of filtering it. Out of 220 or so spam messages in my Spam folder, only one was a phishing message – the fake Ebay version. And it was a dead link.

    I think Google is getting better at filtering these things out.
