PayPal: If a browser doesn't have anti-phishing technology (like Safari) ditch it

PayPal: If a browser doesn't have anti-phishing technology (like Safari) ditch it

Summary: A PayPal executive last week recommended that its users ditch Apple's Safari browser since it doesn't have anti-phishing technology. If other phishing targets--banks, brokers and such--follow suit it could make anti-phishing technology the price of admission to recommend browsers.

SHARE:

A PayPal executive last week recommended that its users ditch Apple's Safari browser since it doesn't have anti-phishing technology. If other phishing targets--banks, brokers and such--follow suit it could make anti-phishing technology the price of admission to recommend browsers.

Infoworld last week quoted Michael Barrett, PayPal's CIO, saying the following:

"Apple, unfortunately, is lagging behind what they need to do, to protect their customers. Our recommendation at this point, to our customers, is use Internet Explorer 7 or 8 when it comes out, or Firefox 2 or Firefox 3, or indeed Opera."

At issue is the fact that Safari lacks a built-in phishing filter to warn users about shady Web sites. Safari also dosen't support so-called Extended Validation certificates, which turn the address bar green if a site is legit. Extended Validation certificates aren't the complete answer but are a help.

Jeff Smykil at ArsTechnica noted:

While it's not entirely fair singling out Safari (other Mac browsers like Camino also also lack this support), it is perhaps at least a helpful reminder of the threat. Embarrassingly enough, (what don't I keep from you folks?) I have fallen for a PayPal-related phishing scam. It was early in the morning and I realized my error as soon as I hit enter; nonetheless, there was the possibility that the phishers got my login information. At least I was lucky enough to realize I screwed up and was able to change my login information on that, and other sites, right away.

I use Camino as my full-time browser, so Safari didn't fail me, but it would have. As annoying as I sometimes find the antiphishing features at work where I use a PC, the small annoyance would have saved me an even larger one in the end.

To be completely honest, I've never viewed anti-phishing technology as anything more than an annoyance, but if a tech savvy person like Smykil can get nabbed we all can.

Will anti-phishing features get more respect after PayPal's campaign?

Via Slashdot.

Topics: Security, Apple, Browser, Operating Systems

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

14 comments
Log in or register to join the discussion
  • For me, they are just a nuisance.

    I mean, I check every link, and if the host doesnt end in "zdnet.com", I don't click it.

    Incidently, since the weekend, I been doing a lot more link checking. Maybe I need to get used to the new site, it at the moment, it's not working for me.

    I particular, I'd like to get to your "Blog Roll" with fewer clicks, and generally less stress on my cheap-ass narrowband connection. Me being a cheap-ass isnt the only reason its narrowband - the local P&T is a cheap-ass too.
    TheTruthisOutThere@...
    • I'm annoyed as well

      Last time they changed the site they setup a blog for all the regulars to write about what we thought. And a lot of issues were fixed. I have not seen such a post this time around.

      The new front page annoys the hell out of me. The old one showed new and popular links. I liked this. Now I cant see that. And basic navigation is just more time consuming. I like some of the new features, but it needs work overall.
      Stuka
      • agreed

        I like the look visually, but functionally it's much worse. I imagine in time I'll get used to it...
        Real World
      • It's DOG slow as well

        Looks pretty, but it runs soooo slooooow. The lag time between pages is awful, a well as painting of the screen. I could not find any place to log my comments. For me, the site is almost unusable now :-(
        magcomment
        • Slow it is because

          there is too many pictures loading. I a the misfortune of having to use a POTS-modem for a short time and it war sslllooooowwww !
          Less amount of images will help a lot.
          My other niggle is: The truncated title-line.
          You don't see it until AFTER message is submitted.
          hkommedal
    • See this

      http://blogs.zdnet.com/BTL/?p=8123
      Larry Dignan
  • Sheeple

    Honestly I don't think we should be telling everybody to rely on a green or red menu bar to tell them if a site is safe. But instead teach them what to look for to verify for themselves if a site is safe or not.
    Stuka
    • There are a lot of "beginner users" out there

      So having that little warning is actually useful.
      Besides, no one is infallible, and we can all benefit from that extra warning in the instances when we're not paying full attention to what we're doing.
      tikigawd
  • All browsers should have anti-phishing features by now...

    Anti-phishing is great for the beginner users (most of which would be right at home on a VTech, sorry, Apple Mac.

    Another instance of SJ knowing best, huh?

    [i]Take off the cider goggles, put down the Cupertino crack pipe. Choose life[/i]
    Scrat
  • RE: PayPal: If a browser doesn't have anti-phishing technology (like Safari

    Didn't even know this technology existed :)

    I always check the urls of what I click on, most of the time, the domain name and extensions will suffice to spot a phisher.

    If I see something from folks like Paypal. I simply quit my browser. Reopen it and go manualy to the site, using my browser to check my account for any notification...

    I never got caught even once...
    Silex
  • RE: PayPal: If a browser doesn't have anti-phishing technology (like Safari) ditch it

    I use Opera on Suse Linux and IF there is a phishing attempt, there is VERY good warning.
    I believe the same is on FF2, but although I do use it I have not YET seen the warning. I do, however use Opera more than FF, so that could be the reason.
    hkommedal
  • RE: PayPal: If a browser doesn't have anti-phishing technology (like Safari) ditch it

    Self-evident. It really is about time Apple managed to catch up - both with its iPhone and software. If it expects to become anything more than a fringe player it really needs to address security.
    tonymcs@...
  • RE: PayPal: If a browser doesn't have anti-phishing technology (like Safari) ditch it

    SCREW PAYPAL! They are just a Credit Card or Merchant Account wanna be. I had to take them to court to get my money back on a fraudulent seller. I beat their a$$es in court but I'll never use them agian.
    Enorton42@...
  • Very necessary - thank you PayPal

    Paypal, the best payment service on the internet, does not take this initiative without serious reasons. I also almost got lured because the logo and design was exactly PayPal, but noticed that the URL did not look right. The small annoyance of antiphising is nothing compared to loosing all your money.

    Such backtalk as in the comment immediately before me is totally irrelevant and highly dubious. I used them for years without any problem. What competitor to Paypal are you promoting?
    estonijaan