News
Commentary
1/24/2005
06:18 AM
Connect Directly
RSS
E-Mail
50%
50%

Mozilla Gets A Phishing Fix

Thunderbird, Mozilla's open-source messaging client, hasn't yet won the same giant-killing reputation as its older sibling, Firefox. Recently, a group of developers checked a new feature into the Thunderbird code tree that demonstrates how it could, like Firefox, hit the big time by attracting users who are tired of having their pockets picked every time they go online.

Thunderbird, Mozilla's open-source messaging client, hasn't yet won the same giant-killing reputation as its older sibling, Firefox. Recently, a group of developers checked a new feature into the Thunderbird code tree that demonstrates how it could, like Firefox, hit the big time by attracting users who are tired of having their pockets picked every time they go online.

The feature is a simple but promising phishing detector. Some of the most common phishing scams involve HTML email that displays one URL in the message body but actually takes the user to a different site--one where the scam artist quickly relieves victims of their privacy, their money, or both. The current version of the feature, which is available in some Thunderbird development builds, works when the email body text displays one URL, but the actual URL uses an IP address or a different domain name. If the user clicks on a suspicious link, Thunderbird displays a warning and asks the user for a confirmation before allowing a Web browser to open the link.

This is the developers' first stab at implementing the feature, and as they admit, there's plenty of room for improvement before it appears in a production release. But it's a wonderful idea, and it would be great to see this or something like it implemented in Thunderbird 1.1.

As for the other email clients on the market today, especially Microsoft Outlook, the Thunderbird contributors' work begs the question: Why hasn't anyone else thought of this? Outlook already makes Internet Explorer look like Fort Knox; if the Thunderbird development community keeps thinking like this, it might give more Outlook users--or at least the ones not at the mercy of a corporate IT department--a good reason to switch.

Update (Jan.24, 22:26): One of my colleagues, Don St. John, alerted me to an email client with a working anti-phishing feature. Eudora 6.2 opens a pop-up warning when a user mouses over a suspicious link, and the software requires a confirmation before opening a phishy link. If anyone else knows of products with similar features, let me know, and I'll add them to the list.

Comment  | 
Print  | 
More Insights
IT's Reputation: What the Data Says
IT's Reputation: What the Data Says
InformationWeek's IT Perception Survey seeks to quantify how IT thinks it's doing versus how the business really views IT's performance in delivering services - and, more important, powering innovation. Our results suggest IT leaders should worry less about whether they're getting enough resources and more about the relationships they have with business unit peers.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest September 24, 2014
Start improving branch office support by tapping public and private cloud resources to boost performance, increase worker productivity, and cut costs.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.