Google   
Google Safe Browsing for Firefox BETA
New! Google Safe Browsing and Google Suggest are now a part of the Google Toolbar for Firefox.

Frequently Asked Questions

  1. What browsers does this extension work with?
  2. What is Firefox and where can I get it?
  3. Why isn't this extension working with my Firefox?
  4. What is phishing?
  5. How can I tell if a page is a fake?
  6. How does Google know a page is bogus?
  7. What does an alert look like?
  8. How do I report a page that I think is phishing?
  9. You're flagging a legitimate page as a potential phishing site. How do I get this fixed?
  10. Does this feature protect me against viruses, spyware, and all other evil things?
  11. What is the Enhanced Protection Feature?
  12. What information is sent to Google when I enable the Enhanced Protection Feature?
  13. What if I have a question or problem that isn't answered here?


1. What browsers does this extension work with?

This extension works only with Firefox version 1.5 and later. It doesn't work in the Mozilla Suite, Internet Explorer or Opera.

2. What is Firefox and where can I get it?

Mozilla Firefox is an open-source browser that you can get from www.mozilla.com/firefox/.

3. Why isn't this extension working with my Firefox?

For the extension to work, you must be using version 1.5 or later of Mozilla Firefox. You can check which version you're using by clicking the "Help" menu, then selecting "About Mozilla Firefox."

Google Safe Browsing must also appear in your browser's list of extensions. To see this list, click the "Tools" menu and then select "Extensions." If Google Safe Browsing appears, make sure it's enabled. You can enable it by right-clicking the extension name, selecting "Enable" and restarting your browser.

4. What is phishing?

Phishing is a particularly popular scam in which a party creates an official-looking web page that asks you to provide your username and password, or other personal information such as your Social Security number, bank account number, PIN number, credit card number, or mother's maiden name or birthday.

In many cases, you'll receive a link to this phishing page via an email which claims to come from an official-looking (but probably forged) address. You can also end up at these pages by following links that you find on the web or in IM messages.

5. How can I tell if a page is a fake?

The best thing to do is to check the page's URL to make sure it's actually controlled by the party it appears to be controlled by. The crucial part of the URL is the part between the http:// and the next slash ('/'). (If there's no slash, start at the end of the URL.) This is the part of the URL that determines site ownership. Some popular domains, for instance, are amazon, google, and ebay:

http://www.amazon.com
http://www.google.com
http://www.ebay.com

In some cases, URLs will be a bit more complex; be sure to check the name listed immediately to the left of the top level domain (.com, .net, co., uk, etc.).
For instance, http://www.google.com, http://news.google.com and http://www.google.com/firefox/ are all part of the same site. However, google.com.fraudulentdomain.com/login.html is NOT! Neither is www.g00gle.com (note that in this URL, the letter o is replaced by the number 0).

Tip: Since a forged URL can look very similar to a genuine one, it's safer to use a bookmark you've created or to type the URL into the location bar by hand instead of following links from your email. This is important for any page where you're asked to log in or provider private information.

 Additional Resources: antiphishing.org

6. How does Google know a page is bogus?

We use several techniques to determine whether a page is genuine, including the use of a blacklist containing pages that have been identified as suspicious and/or misleading based on automated detection or user reports. Our software also examines pages' content and structure in order to catch potentially misleading pages. Google Safe Browsing can't offer perfect protection, so you should always be on the lookout for indications that a site isn't what it appears to be. But Google Safe Browsing can help identify and protect you against many of the sites designed to trick users.

7. What does an alert look like?

When we suspect that a page is bogus, an alert will appear on the page:



You can visit out test page to see it in action for yourself.

8. How do I report a page that I think is phishing?

If you find a page that you believe is pretending to be another page in an attempt to steal users' information, please report it to us.

9. You're flagging a legitimate page as a potential phishing site. How do I get this fixed?

If you believe that Google Safe Browsing is incorrectly identifying a page as suspicious, please do report it to our team. We work hard to act quickly on all such reports.

10. Does this feature protect me against viruses, spyware, and all other evil things?

Sorry, but no &mdash Google Safe Browsing only protects against phishing attacks, and even for those it can't offer foolproof protection (although we're working on it). You still need to watch out for all the other bad things that can happen on the wild, wild web.

11. What is the Enhanced Protection Feature?

If you enable Enhanced Protection, the Google Safe Browsing Extension will provide more up-to date protection by sending encrypted URLs of sites that you visit and limited information about the site content to Google for evaluation. For information about how we protect your privacy in this and other usage data, please see the Google Privacy Policy.

12. What information is sent to Google when I enable the Enhanced Protection Feature?

When enabled, the entire URL of the site that you're visiting will be securely transmitted to Google for evaluation. In addition, a very condensed version of the page's content may be sent to compare similarities between authentic and forged pages. For example, if the condensed 'fingerprint' of the page you are visiting matches the 'fingerprint' of a popular bank's site but the page's URL is different, that's a good sign that the page you are on is designed to mislead users.

If you disable Enhanced Protection, no information about the pages you visit will be sent to Google unless you visit a page Google Safe Browsing identifies as potentially unsafe. In this case, we will only send the action you choose to take to help refine our anti-phishing algorithms. Please note that enabling Enhanced Protection gives the Google Safe Browsing extension access to the most up-to-date fraud information about each page you visit.

Please see our Privacy Notices for privacy information regarding Google Safe Browsing.

13. What if I have a question or problem that isn't answered here?

Email us at labs+safebrowsing@google.com or discuss this extension in our Google Group.

©2007 Google - Terms of Use  Privacy Notices