Thunderbird promises to fend off phishers

Developers are creating an antiphishing tool for open-source e-mail application Thunderbird.

Mozilla contributor Henrik Gemal wrote last week in a blog that a phishing detector has been added to Thunderbird. This feature is likely to be available in the next release of Thunderbird, version 1.1, according to the Mozilla bug report.

Related feature
Have you been phished?

Check here to see whether an e-mail that appears to be from your bank or an online merchant is actually an attempt to defraud you.

In a phishing scam, fraudsters send e-mail messages that try to lure people to Web sites faked to look like sites belonging to trusted service providers such as banks. Once they click through, people are asked to hand over credit card numbers and other sensitive personal information, which the criminals could use to commit identity fraud.

With the new Thunderbird feature, when a user clicks on a link in an e-mail that appears to be a phishing URL, the detector will prompt the user with a dialog box before the Web site is opened, Gemal wrote. The detector is triggered if the URL has a numeric Internet Protocol address rather than a domain name, or if the URL does not match the address displayed in the link text.

Firefox, the Mozilla Organization's browser software, and Mozilla Suite, its Internet application package, can already detect some phishing scams, according to a posting on the Mozilla news site, MozillaZine. These applications will warn people who try to visit a URL that includes an unnecessary username--a trick used by phishers to hide the true domain name of a site.

Earlier this month, a vulnerability was discovered in Firefox that some say could make users of the open-source browser more likely to fall for phishing scams. This article elicited a wide range of opinions from fans of the open-source browser and from those who were less enamored with it.

Ingrid Marson of ZDNet UK reported from London.

[rodtrent]

Was Thunderbird created by a 15 year old, too?

C'mon folks. Use some common sense when writing articles. Phishing is another security concern that can't be eliminated completely. Just as soon as Thunderbird's "feature" is released, it will be hacked. If MS were releasing a "feature" like this, c|net's headline would read: "MS looking to hook Phishers. But, will it catch carp?"

There's simply too much biased reporting on c|net. Get with the program folks. You need to be helping people instead of selling download links to Firefox.

[My-Self]

Partly agree ...

I'm a mostly happy Firefox / Thunderbird user, but I must admit there was no reason for a full article here. The feature is not even available in a released product and still needs improvements.
It will be worth mentioning when Thunderbird 1.1 will be released, but until then, I see no value in having a full article on a half baked feature appearing in a nightly build.

[simcity1976]

agree

It ain't like there the first browser group to create a feature like this.

Deepnet already has this feature in there software.

MailScanner already does all this

MailScanner has been doing this for months, and the description of the feature in Thunderbird matches exactly with what MailScanner already does, so I suspect that is where they got the code.

[br77575]

Eudora 6.2 already does this.

http://www.eudora.com/email/features/scamwatch.html

[xlxklsl]

Why is it so difficult for some people to give credit?

You guys are giving alternatives but MailScanner is a service you subscribe to as an extra, and Eudora is a reasonably good email program, but only the paid version includes ScamWatch. Thunderbird is free and equal to or better than any email program out there.