Wednesday, October 04, 2006

Internet Explorer 7 RC1 Flagging Sites Wrongfully As Phishing Sites

By Coenraad De Beer

It all started with a web site owner receiving an e-mail from an unhappy client informing him that the anti-phishing scanner of Internet Explorer RC1 detected his site as a possible fraudulent web site. When Internet Explorer detects a possible fraudulent site, it warns the user not to enter any personal or sensitive information on the specific site in question. This means that if your site gets detected as a phishing site, you will most certainly loose clients because no one will want to buy from you (to sell products online you require information like e-mail addresses, shipping addresses and credit card information).

Which bothers me the most is the fact that web site owners discovered this and will possibly encourage their visitors to turn of the anti-phishing feature. This beats the whole idea of having the scanner there in the first place. Internet Explorer is causing a loss of confidence in two directions, the one being the web site and the other being the anti-phishing scanner. People will start to doubt respectable web sites and at the same time question the accuracy of the anti-phishing protection of Internet Explorer. The anti-phishing scanner is a great idea and an innovative way of battling the ever-increasing threat of online fraud. But when things go horribly wrong like this, you do more harm than good.

You have to take into consideration that it is still a release candidate and not the final version and bugs will most certainly be present. But you have to make sure that things like this won’t happen before you release it into the open. I can only imagine how much money has been lost because of this flaw and you might even see some lawsuits in the near future if the matter is not resolved in a timely matter.

The developers of Firefox are also implementing an anti-phishing feature for Firefox 2. This anti-phishing feature handles possible fraudulent sites fairly the same way as the Google Safe Browsing feature of the Google Toolbar. This brings an idea to mind. If you really feel you need anti-phishing protection then get Firefox with Google Toolbar, it is far better and safer using a stable browser than using a pre-release version of a browser with multitudes of security issues and flaws. To be honest, you should seriously consider an alternative browser to Internet Explorer, because it will be compulsory for all Internet Explorer 6 users to upgrade to Internet Explorer 7 once the final version gets released. Ask yourself the question, are you going to be bullied onto using an unreliable product or are you going to decide for yourself what is the best for your online safety?

For more information about this incident visit the following link: http://www.webproworld.com/viewtopic.php?t=67905

About the Author
Coenraad is webmaster and founder of Cyber Top Cops, leaders in Internet security, prevention of online fraud and educating users against malicious software.

1 comment:

Yuvaraj said...

Nice information........ Its pretty useful for me as well as to all the internet users.

Thanks.,

Yuvaraj :)