• On TV.com: TOP 10 Shows CANCELED Too Soon
July 2, 2008 12:26 PM PDT

Fight Phishing with Flagfox for Firefox

by Michael Horowitz

A big part of phishing scams and identity theft is fooling people into thinking they are on one website when they are actually somewhere else. The technical tricks to accomplish this include lookalike and phony domain names, zapping the hosts file, tricks with URLs and assorted attacks on DNS servers. What's a normal person to do?

Flagfox is an unobtrusive extension for the Firefox web browser that offers some assistance by placing a flag in the bottom right corner of the Firefox window. The flag (shown below) indicates the country where the website physically resides.


If you don't recognize the flag, hover the mouse over it and a yellow pop-up window (below) displays the IP address of the website and the country where it resides. If you normally deal with a bank, brokerage or credit union in, for example, the United States, and one day you notice the flag is from another country, you are not at the website you thought you were.


Of course this only goes so far. If a legitimate website is in New Jersey and a phony, phishing copy of it resides in New Mexico, the flag will still be American. Before doing anything sensitive, such as banking, click on the flag to open a new tab showing a map and more precise location information such as the city and state.


This is the physical location of the website, not of the organization or person represented by the website. Although in the case of CNET and CNET.com they are the same, this is not normally the case. The New York Times, for example, runs their website out of Colorado. The website of another New York City newspaper, the Daily News is in Texas. Our third local newspaper, the New York Post, hosts their site in Massachusetts.

In all but two cases that I tried, Flagfox was able to pinpoint a location based on the IP address. However, it didn't know where CNN.com or TomsHardware.com were located.

The point is to be aware of where the important websites that you deal with are located. Customers of Citibank, for example, would be safer if they verified that the website was in New York City before signing in.

But where are the bank websites? Only the banks know for sure. For example, my computer showed Citibank.com as being in New York City, but if my machine was compromised, I could be looking at a scam site imitating Citibank while the real site is elsewhere.

For Flagfox to be most effective, banks, brokerages and credit unions would have to publicize the physical location of their websites. I'll contact a few and see what they say...

Update July 2, 2008: If Flagfox can't locate a website based on the IP address, there are other options. Two websites that I've used often for this are www.ip-adress.com/ipaddresstolocation and www.ip2location.com/demo.aspx.

For more on this same subject, see my next posting Verifying legitimate bank websites

I recently wrote about another Firefox tweak Firefox 3: Expand the Site Identification button on HTTPS pages which also helps with verifying the true identity of a website.

See a summary of all my Defensive Computing postings.

Michael Horowitz is an independent computer consultant and the author of several classes on Defensive Computing. He is a member of the CNET Blog Network, and is not an employee of CNET. Disclosure.
Topics:

Phishing

Tags:

Firefox,

Flagfox

Share:
Digg
Del.icio.us
Reddit
Recent posts from Defensive Computing
Fixing bugs in the Flash Player yet again
Getting more battery power for your computer
Get an MSI Wind Netbook for only $349
Not interested in a Netbook computer? Consider the Honda Fit
Beware emails linking to blogspot.com
When Word documents break
More about printer ink rip-offs
Some computers are too important to be networked
Related
CNET News Daily Podcast: Web expected to drive holiday sales
Firefox's future features: 3.6, 3.7, and 4.0
Next Firefox can detect computer orientation
Mozilla's e-mail group looks toward the cloud
Firefox releases critical update, 3.5.4
Mozilla pushes for fast move to Firefox 3.6
Week in review: Microsoft getting lucky with 7?
Firefox's crossroads: Cutting-edge or mainstream?
Add a Comment (Log in or register) (9 Comments)
  • prev
  • 1
  • next
by brian_pellegrini July 3, 2008 4:14 AM PDT
Flagfox does not work with FF3.
Reply to this comment
by mhinnewyork July 3, 2008 3:44 PM PDT
It does work with Firefox 3. I says this both because the documentation says it does and I tested it there. Michael Horowitz
by ferno1188 July 3, 2008 6:21 AM PDT
Yes, it does
Reply to this comment
by JCPayne July 3, 2008 8:36 AM PDT
An easy trick to protect the HOSTS file....

Open it.... in a text based editor. Delete everything in it..... Save it... Then--- change the shares on it to "READ ONLY" then no files can change it.
Reply to this comment
by sjwilson42 July 3, 2008 8:48 AM PDT
Version 3.2.6 from Mozilla works with Firefox 3.
Reply to this comment
by dizzygill July 3, 2008 10:20 AM PDT
Doesn't work from behind a proxy. Should include pulling proxy info from the browser settings in a future release.
Reply to this comment
by newe1344 July 6, 2008 9:51 AM PDT
I'm not going to even notice that little flag after a while and it will do me no good. Nice thought though...
Mike,
www.personalsidekick.com
Reply to this comment
by mhinnewyork July 6, 2008 1:52 PM PDT
I agree, but I think that's a good thing rather than a bad thing. You only need to be concerned with the flag in the corner when you're doing something sensitive, such as online banking. For most web sites, it's not an issue. Michael Horowitz
by masigman July 10, 2008 7:29 PM PDT
I enjoy using Netcraft toolbar. Shazou is also very good, issuing a popup map when invoked.

Netcraft Toolbar 1.2
by Netcraft Ltd

Blocks phishing sites, helping to protect users from online fraud...
https://addons.mozilla.org/en-US/firefox/addon/1326



Shazou
by Chuck Durham

Finally mapping is integrated with the Firefox browser. The product called Shazou (pronounced Shazoo it is Japanese for mapping) enables the user with one-click to map and geo-locate any website they are currently viewing. Shazou was developed...

https://addons.mozilla.org/en-US/firefox/addon/2993
Reply to this comment
(9 Comments)
  • prev
  • 1
  • next
advertisement

FAQ: Buying the right Windows 7 upgrade

Readers still have lots of questions on just which version of the software they need to buy in order to upgrade their PC. CNET News tries to offer some answers.

N.Y. lawsuit details Intel's 'largesse' toward Dell

Attorney General Andrew Cuomo's federal antitrust case filed Wednesday alleges a longstanding symbiotic relationship between Intel and Dell.

advertisement

About Defensive Computing

Michael Horowitz is an independent computer consultant and the author of several classes on Defensive Computing. He views Defensive Computing as taking steps, when things are running well, to avoid or minimize the inevitable problems down the road. It's about educating yourself to the level where you can make your own intelligent decisions about keeping your computers and data happy and healthy. If you depend on computers, yet are on your own, without an IT department or nearby nerd, this blog's for you. His personal web site is michaelhorowitz.com.

He is a member of the CNET Blog Network and is not an employee of CNET.

Disclosure.

Add this feed to your online news reader

Defensive Computing topics

advertisement
advertisement

Inside CNET News

Scroll Left Scroll Right
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
Dell
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET