Fireblog

Frequently Asked Questions

1. What is Phishing?

   Phishing is a form of identity theft that occurs when a malicious Web site impersonates a legitimate one in order to acquire sensitive information such as passwords, account details, or credit card numbers. Phishing attacks usually come from email messages that attempt to lure the recipient into updating their personal information on fraudulent, but very real looking, Web sites. More information on phishing can be found at the Anti-Phishing Working Group, and there are a number of examples and resources available at the Wikipedia Phishing page.

2. How does the Phishing Protection feature work in Firefox 2?

   Phishing Protection is turned on by default in Firefox 2, and works by checking the sites that you browse to against a list of known phishing sites. This list is automatically downloaded and regularly updated within Firefox 2 when the Phishing Protection feature is enabled. Since phishing attacks can occur very quickly, there's also an option to check the sites you browse to against an online service for more up-to-date protection. This enhanced capability, and other Phishing Protection settings, can be configured in Firefox's Security settings.

3. What information is sent to Mozilla or anti-phishing partners when Phishing Protection is enabled?

   When Phishing Protection is used in default mode, no information about the sites you visit is sent to Mozilla or anti-phishing partners. Rather, sites are checked against a local list that is downloaded to your computer and updated on a regular basis. When sites are checked against online anti-phishing services such as Google, the address of each web site you visit is sent to the online service over a secure SSL connection.

4. How do I use the Phishing Protection feature?

   Phishing Protection options can be found on the Security preferences pane. On Windows and Linux, go to Tools > Options ... > Security. On Mac OS X, go to Firefox > Preferences > Options ... > Security.

   You can test to see if Phishing Protection is enabled by browsing to our test site. If Phishing Protection is turned on, a warning dialog will appear.

   The "Get me out of here!" link will back out of a suspected phishing site and redirect you to the Firefox Start page. The "Ignore this warning" link will allow you to continue to the suspected phishing site.

5. How do I report a suspected phishing site, or what if a warning appears on my own Web site?

   In the Help menu there is an option to "Report Web Forgery..." which will bring you to a Web page that you can use to report a suspected phishing site, or to submit an incorrect forgery report.