Firefox has a built-in phishing filter that checks whether a site is blacklisted, and warns the user of the potential fraud and information theft a phishing site could do. It uses Google’s database or a downloaded list of sites according to the user’s preference.
What follows is a quote from The irc.mozilla.org QDB, which caught my attention. Not only because I understood it, but also because I’ve already done it. It talks about a certain exploit to Firefox’s phishing protection/filter system.
Someone nicknamed Hixie[1] stated:
woah
i think i just found a semi-serious issue with the phishing protection in firefox
i went to a site that triggered the warning
and my immediate reaction (without really thinking) was “oh i wonder why that is blocked, let’s have a look” and i immediately opened it _in IE_.
possibly the worst thing i could have done.
I just realized the gravity of the situation when I remembered doing the same mistake he just said a lot of times before. But, it came to me that there is just no workaround to curiosity.
Oh, wel— … Hmmm …
… But then again, there’s Linux.
Footnote:
- ^ I guess this is Ian Hickson, but I’m not so sure.