CONSUMER NEWS    RECALLS    COMPLAINT FORM    SCAM ALERTS  


Complain about a product or service
Small Claims Guide | Class Actions | Lemon Law | FAQ | Resources | Newsletters | Spanish
Automotive    Education    Electronics    Family    Finance    Health    Homeowners    Shopping    Travel   
NEWS   Latest |  Archives |  Auto |  Cells, etc. |  Computers |  Financial |  Health |  Homeowners |  Parents |  Privacy |  Scams |  Seniors |  Travel

Firefox/Google Team Up To Fight Phishing

Some See Enhanced Security, Others See a Privacy Threat





By Martin H. Bosworth
ConsumerAffairs.com

October 26, 2006

TSA Site Left Passenger Data Exposed To ID Theft
Connecticut Governor Wants 'Opt Out' For Online Directories
Verizon Gave Customer Data To Government Without Court Orders
House Democrats Probe Warrantless Surveillance
Many Facebook Users Compromise Own Identities
Spy Court Tells White House To Fess Up
FBI Uses Data Brokers, "Risk Scores" To Hunt Terrorists
GAO: "Critical" Weaknesses In FBI Security Network
How Safe Is That Free Wi-Fi Connection?
Businesses Back Off Spy Chips
Insurer Unlawfully Poached Consumers' Credit Reports
GAO Cites Medical Privacy Issues
Google Anti-Phishing Feature Accidentally Reveals Too Much
Bush Spy Program Placed Under Court Review
"National Security Letters" Used To Examine Americans' Financial Records
Bush Gives Himself Authority to Search the Mail
Court Shuts Down "Media Motor" Spyware Operation
Consumerists Want FTC Probe of Online Advertising
Firefox/Google Team Up To Fight Phishing
Schwarzenegger Terminates Spychip Bill
For Sale: Your Health Care Records
Xanga.com Fined for Children's Privacy Violations
Facebook Does an About Face
Chase Trashes Tapes Containing Circuit City Customers' Data
---
More Privacy News ...
Fans of open-source foundation Mozilla's popular Firefox Web browser had reason to rejoice on Oct. 24, as the company released version 2.0 of the free software to highly positive reviews.

But a new feature designed to protect Web surfers from "phishing" attacks raised a few eyebrows, as it could potentially deliver a user's records of all visited sites to any participating anti-phish site tracker.

More interestingly, the only participating partner at the moment is Google, itself often discussed as having a spotty attitude toward keeping users' data private.

"Phishing" is a form of fraud wherein Web surfers visit a site that looks like a reputable business site -- Amazon.com or Bank of America, for example -- but is in fact designed to collect your financial information.

Phishers not only create dummy Web pages to siphon victims' data, but can also clog up your e-mail inbox with junk requests to provide your personal information.

Firefox 2.0's new "Phishing Protection" feature automatically checks any site the user visits against a "blacklist" of known phishing sites when the feature is enabled.

However, the service also offers the option of sending details about each site you visit to remote anti-phishing services.

Although the system is enabled to work with many anti-phishing services, Google is currently the only active partner. Moreover, Google developed the technology for Firefox's new anti-phishing feature from its own "Safe Browsing" addition for the Firefox suite.

The additional features require explicit "opt-in" consent and user activation, but the news still rankled critics of the search engine giant and its hunger for information.

One user said the service was deliberately targeted to less Web-savvy surfers who "won't care about giving up that little bit of privacy to keep their identity safe from the "bad people".

The Mountain View, Calif.-based company has a mixed record when it comes to keeping user data secret.

Its popular Google Desktop search tool enables a user's computer hard drive to be stored on Google's central servers for search across multiple computers, which also gives Google theoretically unfettered access to a user's hard drive.

Google was careful to emphasize that its Desktop search functions are purely voluntary and "opt-in," rather than the default mode for anyone who uses the tool.

Also, to its considerable credit, Google stood up to the Department of Justice over user data when it refused to turn over search queries to the agency.

The DOJ wanted two months' worth of Google search information to enforce online child-protection laws, but Google opposed the move as being overbroad and endangering its customers' personal privacy.

A Sell-Out?

But not everyone is convinced that Google can be trusted over the long haul.

Fans of Firefox were dismayed over what they saw as a "sellout" move by Mozilla, which recently became a for-profit company after many years as a nonprofit champion of "open source" software development.

Others noted that Google and Mozilla have been frequent business partners, and that Google isn't doing anything other Internet service providers haven't already done.

Some remained unconvinced, however. A commenter at the UK-based Platinax entrepreneurs' forum said that, "It's the provision of data to Google that raises the concerns."

What You Can Do

If you don't want to be duped by phisher e-mails and Web sites, but also don't want to hand over your Web surfing data to Google, don't enable the option of sending information to remote services in Firefox 2.0.

Stick with the default setting of the "blacklist," which should be updated regularly.

The Anti-Phishing Working Group, an organization made up of the heavy hitters in the online business and technology world, maintains a comprehensive list of procedures users can follow to avoid getting phished.

The tips include:

• Always make sure you're using a secure Web site before providing your financial information. Secured sites' Web addresses begin with "https://," rather than http://."

• Don't respond to any e-mail asking for your financial information or to click on a Web site link until you have verified the mail is legitimate. Phisher sites will typically ask for personally identifying information such as names, addresses, and Social Security numbers.

• Regularly check your online bank and financial accounts to ensure all the information is up to date. Never provide credit or bank card data over the Web unless you have verified the site is secure.



Report Your Experience
If you've had a bad experience -- or a good one -- with a consumer product or service, we'd like to hear about it. All complaints are reviewed by class action attorneys and are considered for publication on our site. Knowledge is power! Help spread the word. File your consumer report now.


Consumer News

May 17 2008

Recent Recalls & Safety Alerts

READER SERVICES

Print, Email & More

Subscribe

Free consumer newsletters
Sign up now!





Back to the top |

Advertisement


Home | Rogues Gallery | Good Guys | Complaint Form | News | Recalls | Search | Video | FAQ |
Consumer Resources | Small Claims Guide | Lemon Law | Newsletter | Contact Us
Advertise With Us | Testimonials | Newsroom | RSS Feeds | Radio | Job Postings



Terms of Use Your use of this site constitutes acceptance of the Terms of Use

Advertisements on this site are placed and controlled by outside advertising networks. ConsumerAffairs.com does not evaluate or endorse the products and services advertised. See the FAQ for more information.

Company Response Welcome If complaints about your company appear on our site, we welcome your response. Please see the Response Form for more information.

For more information, see the FAQ and privacy policy. The information on this Web site is general in nature and is not intended as a substitute for competent legal advice.  ConsumerAffairs.com Inc. makes no representation as to the accuracy of the information herein provided and assumes no liability for any damages or loss arising from the use thereof. 

Copyright © 2003-2008 ConsumerAffairs.com Inc.  All Rights Reserved.