
August 8th, 2011

Four browser nets and one phish

Not all browser nets can catch the same phish. One Friday evening, just before I wanted to go home, I received an interesting email.

It contained sentences like “We recently reviewed your account, and suspect that your PayPal account may have been accessed by an unauthorized third party” and words like “protected”, “security” and “unauthorized”. Of course, at the end of the email, there were directions to click on a “Paypal” link to update information like login name and password.

Of course, everyone knows about phishing these days. What was really interesting was the clever way they wrote the code to make the link to their phishing site more discreet. So I decided to see what major browsers such as Microsoft Internet Explorer, Google Chrome, Opera, Mozilla Firefox, and Apple’s Safari would do if I tried to click through. I used their code, just substituting avast.com for the malicious site.

I started out with Internet Explorer, version 8.0.6001.18702. This pleasantly surprised me as it blocked my attempt to click on this link.

The second browser tested was Google Chrome, version 13.0.782.107. When I moved the mouse over the link, it showed me that the link goes to avast.com.

But when I clicked on the link, it directly took me to the avast.com site without a warning.

Opera, the third tested browser, behaved similarly to Google Chrome. When hovering over the link, it indicated that something was suspicious, but after clicking, I was redirected without any warning.

The fourth browser was Mozilla Firefox. With the older version 3.6.18, you need really good eyes to see that there is something wrong.

In the latest version 5.0.1, you can find that developers have focused on this problem.



But the results were the same in both cases when I tried to click on the suspect link.

 

The last browser tested, but not the least, was Apple’s Safari. When I clicked on the link, it showed me a huge warning that the link could be used for phishing.

The moral of the story is this: There are a lot of smart phish in the ocean – and they are getting better at looking legitimate. And, in at least this single case, there was a wide difference between individual browsers’ ability to identify suspect code and warn users about potential problems. Security against these attempts still remains the responsibility of the individual computer user.
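The post does not reproduce the email's markup, so the following is an added example, not the author's code: a mail-side check for links whose real target differs from what the reader is shown. It assumes two forms, a brand name placed before an `@` in the URL (the form the Firefox prompt quoted in the comments points to) and link text naming a different host than the `href`; `AnchorCollector`, `registrable` and `audit_links` are hypothetical names.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

class AnchorCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element in an HTML mail body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def registrable(host):
    # Simplification: last two labels. A production filter would use the Public Suffix List.
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def audit_links(html, brands=("paypal.com",)):
    """Return [(href, [reasons])] for links whose target is not what the reader is shown."""
    collector = AnchorCollector()
    collector.feed(html)
    findings = []
    for href, text in collector.links:
        url = urlsplit(href)
        host, reasons = url.hostname or "", []
        if url.username is not None:
            reasons.append("userinfo before '@' hides the real host " + host)
        shown = "" if " " in text else urlsplit(text if "://" in text else "//" + text).hostname or ""
        if host and "." in shown and registrable(shown) != registrable(host):
            reasons.append("text shows %s but href goes to %s" % (shown, host))
        if host and registrable(host) not in brands and any(b.split(".")[0] in text.lower() for b in brands):
            reasons.append("brand named in link text, but host is " + host)
        if reasons:
            findings.append((href, reasons))
    return findings

# Constructed sample body; avast.com stands in for the phishing host, as in the post's test.
SAMPLE = """<p>We recently reviewed your account.</p>
<a href="http://www.paypal.com@avast.com/update">https://www.paypal.com/update</a>
<a href="https://www.paypal.com/signin">www.paypal.com</a>
<a href="http://avast.com/">Log in to PayPal</a>"""
if __name__ == "__main__":
    print(*audit_links(SAMPLE), sep="\n")
```

The genuine `www.paypal.com` link passes all three checks; the other two are reported with the host the browser would actually contact.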

 

  1. August 9th, 2011 at 09:40 | #1

    Always turn my eyes on for not to be phished!

  2. August 9th, 2011 at 09:57 | #2

    lol, I’m still far from understood, thx for the info, I’ll keep learning.

  3. Tanmoy
    August 9th, 2011 at 10:04 | #3

    I thought Chrome is the most secure browser; after that article I need to think again

  4. shre54321
    August 9th, 2011 at 10:40 | #4

    well…..phishing huh!?……good job! avast! team and avast!

  5. August 9th, 2011 at 17:56 | #5

    FireFox’s Mottos remains to provide a basic browser that can be customized and it differs a lot from chrome who want to punch pack things … ff extensions like NoScript and GreaseMonkey give advanced functionality … yet these can be avoided this is probably why MS shows off that IE is the safest. LOL

  6. Tech
    August 10th, 2011 at 02:52 | #6

    Glad that Firefox did something :)

  7. August 10th, 2011 at 08:19 | #7

    @HackToHell
    Hi,
    I know, I’m using Firefox myself, but this was just a test of basic browsers.

  8. Jainam
    August 10th, 2011 at 15:40 | #8

    Good Job avast…….nice!…..:)

  9. Metal Machine
    August 10th, 2011 at 15:44 | #9

    Invaluable info! Thanks Jan. I’m surprised that Microsoft’s Explorer is the one that performed better!

  10. Adrian
    August 10th, 2011 at 15:53 | #10

    Well, that’s one way of doing it. However, Firefox is known for its addons. I doubt it that you could’ve been tricked by the link had you installed WOT, NoScript and AdBlock. That’s why Firefox is, as Wolverine, the best at what it does – you can build it into a foolproof browser.

  11. MonkInsane
    August 10th, 2011 at 16:04 | #11

    HackToHell :
    FireFox’s Mottos remains to provide a basic browser that can be customized and it differs a lot from chrome who want to punch pack things … ff extensions like NoScript and GreaseMonkey give advanced functionality … yet these can be avoided this is probably why MS shows off that IE is the safest. LOL

    IE is the safest, cause it crashes so often you can’t really use it!! LOL Love my Firefox – just use NoScript and keep an eye on the address bar – and you’re sorted.

  12. August 10th, 2011 at 16:08 | #12

    @Adrian
    Hi, I showed in one of the images that Firefox (both versions) stopped me when I tried to go to the site. It showed me a warning that the site doesn’t require authentication and asked me: Is “Avast.com” the site where you want to go?

  13. vicky
    August 10th, 2011 at 16:26 | #13

    google chrome is a nice browser… it helps me to do browsing faster

  14. Jasmeet Singh
    August 10th, 2011 at 16:40 | #14

    Mozilla and IE both are good in terms of security…. Google Chrome didn’t stand on my expectations…. I was using it for the past 2 yrs and was thinking it is the best browser but I was wrong… Thx to u Avast guys…

  15. August 11th, 2011 at 13:39 | #15

    Having Avast on my Google chrome, not having any complaint with it till now. And hope same will continue in future too. Grateful to Avast!!

  16. August 11th, 2011 at 19:40 | #16

    I am surprised the great deal of pain these Phishers take to mimic the legit look of real company emails. Their scams are also getting elaborate.

    I recently saved a client of mine from sending hundreds of dollars worth goods to Nigeria after he got an email from “Paypal” saying his payment was completed. Actually, he had spoken to someone over email who claimed to live in the UK and he was supposed to courier the goods to Nigeria as a “gift” to their “sister”. He jubilantly told me about it, only to realize through me that the “Paypal” email was a sham…

    Thanks for your post Jan, I’m way too good at recognizing illegal mails/sites when I see them, so I can’t be Phished out, but the majority of people can’t seem to be able to tell the difference between sham mimic graphics and real site graphics and equally so with hyperlinks. All other browsers really need to step up and address this issue like Apple and Microsoft did…

  17. Lily
    August 12th, 2011 at 23:03 | #17

    Ever wonder where avast! gets all the space on their computer to download all of these browsers?!? *lifts an eyebrow*

  18. August 15th, 2011 at 10:34 | #18

    @Lily
    We have LABS for it! :D
