Omnipresence

Recently, there have been reports of vulnerabilities in the phishing protection included in Firefox and Opera. If an extra dot or a slash is added to the end of the hostname of a phishing site, the browser fails to warn you. Incidentally, WOT isn’t vulnerable to these attacks, but even if it were, you could still tell something isn’t quite right.

A major problem with current phishing filters is that you cannot really tell if they’re working. If you don’t receive a warning when you enter an unknown site, is it because it’s not phishing or is the phishing protection just not working this time? There’s no difference in the feedback you receive.

WOT solves this problem by always being there. You can see if it works, and you can see if it knows the website. If it doesn’t, you know to watch your steps. This is especially true if you visit a site that you have known to have a good reputation previously. If WOT suddenly doesn’t know it anymore, it’s a good sign something phishy might be going on.

The problem of the phishing protection not being visible to the user also comes up in another very recent Firefox vulnerability. It turns out that a website can open an empty window or a new tab and modify its contents while the address bar the user sees appears blank. This means that a malicious website can simply open a new tab and add its phishing page there. The phishing filter on your browser doesn’t have a chance of detecting this. However, if you are using WOT, you can tell it’s not your bank, because the blank page doesn’t have a reputation.

Of course, WOT isn’t just for antiphishing. Even if the website you are visiting is not trying to impersonate another site, learning its reputation can help you decide whether it can be trusted. Mere phishing protection won’t help you with that.

Share on facebook
Share on twitter
Share on linkedin

Leave a Reply

Your email address will not be published. Required fields are marked *