IE7 Phishing - not to be trusted - HTML forum at WebmasterWorld

Forum Moderators: open

Message Too Old, No Replies

IE7 Phishing - not to be trusted

Microsoft phishing filter is not really worth trusting.

rtfm_again

6:28 pm on Oct 24, 2006 (gmt 0)

I just received an eBay scam email. So I forwarded to phishing-report@us-cert.gov, who responded the a incident number.

The hacked site is <removed link>. So I checked it with IE7's Phishing test. But it assures my that it is quite safe. So I filed a report with Microsoft.

Well that was an hour ago and they still updated their phishing list! I wonder just how long it's going to take.

[edited by: encyclo at 6:35 pm (utc) on Oct. 24, 2006]
[edit reason] removed site reference, see forum charter [/edit]

rtfm_again

6:53 pm on Oct 25, 2006 (gmt 0)

Update: Two reports have been sent to Microsoft and still, more than a day later, the IE7 phishing check says 'This is not a reported phishing website'.

Firefox 2.0 on the other hand, immediate warned that it was a phishing website with a clear alert saying 'Suspected Web Forgery' and the screen turns dark grey. It is very obvious that something is not right with the site.

Another nice aspect of Firefox is it downloads the information to your local computer. Where as IE7 bombards the Internet with more traffic, checking it's list at Microsoft for every site you browse. Perhaps a clever way to find out what people's surfing habits are and where they spend their money.

txbakers

12:49 am on Oct 26, 2006 (gmt 0)

When I was studying about fire arms we learned a very simple rule. A "safety" is a mechanical device that can and will fail.

That means that we could never rely on the safety over our brains.

I think the same holds true with Phishing sites. You have to rely on your brain first and foremost over any corporate tool.

The bad guys are just faster.