Friends,

I understand that Safari does not offer Phishing protection as IE offers?

Are there real dangers of using Safari without this layer of protection?

Thank you.

It sounds rude to say, but to be completely honest, only if you're an idiot.

Agreed, if you fall for a phishing ploy you must be pretty stupid... I mean shit, they totally copy official looking web sites & use a totally feasible story line and if you have never heard of phishing you must be either pretty stupid.... or just poorly informed... or perhaps a older user or a kid?

I have never really known what phishing is and why would I really to any great detail?

I saw a segment on Sunrise the other day and the I.T. guy on the show was talking about it saying that these hackers highjack the real site and can direct people away from that to theirs and swindle you.

The Gadget Guy shows his ignorance yet again. They don't hijack the real site, they lure you to their fake site with hoax e-mails.

Just give me your bank details and password and I will explain

Actually that is NOT what is said, he was talking about hackers attacking the DNS system to re-direct people to a Phising Website. DNS Hijacking and DNS Poisoning.

However as much as I really want you to get your facts right on what he said, I really hate to say you are right with the statement "The Gadget Guy shows his ignorance yet again" per his solution.

http://au.lifestyle.yahoo.com/b/sunr...ternet-plugged

I quote from him "The only way this can be stopped is to make sure you have adequate protection on your computer.. that is firewall and virus software protection"

As 'angel_nightfire2000' comments "Hocking some specific products to "fix" a problem that has existed is dangerous in that it trivializes Information Security to one placebo."

Which is absolutely spot on. Information Security dumbed down for the masses just to make them buy more product that may not protect them. I hope someone gets sued for providing such advice when later a back account is emptied via some poor saps computer that had everything secure with only firewall and virus software protection.

Anyway as 'angel_nightfire2000' further comments this problem also applies to Mac & Linux, and this is why Browsers like Firefox 3 have anti-Phising features, which don't stop you from ending up and a Phising site, no matter how you end up there, but alert you that you are not at a legit site, so you can take action to protect yourself.

Remember this story from a few months back? It is all related.

PayPal thinks Safari is too vulnerable to phishing scams & PayPal to block Safari use.

The dude is a puppet who is paid to say the words and sell stuff to his age demographic.
Your Mum & Dad see him and say, "shit, if he can get into this stuff (even though he is supported by a couple of producers), so can I.

The Gadget Guy is more like the' dyed hair and capped teeth making a sale' guy!

Phishing refers to sending out emails that look like they are legitimate emails from usually a financial institution, eBay or other large site. The emails contain a link going to what looks like the legitimate site for that company, but are really a hoax site designed to steal your details, so that the creators can steal your money or account with that company.

The emails are usually scary sounding, such as saying that your account has been closed, locked, under investigation for fraud (ironically!) or the like.

Phishing detection works on the idea that the URL for the web site is not the correct one, ie: instead of, say, http://yourbank.com it would be http://some.other.site.com/yourbank.com. This is why banks always warn you to check absolutely that the url in your browser is for the bank itself.

I am sorry Currawong but you are still missing the point of this subject.

Newer browsers like FF 3 have aids to help you detect these hoax Phishing sites.

Whilst the Gadget Guys solution was way off mark, he was still referring to DNS Hijacking and DNS Poisoning and not Phishing emails.

The bottom line is this...

Regardless of whether you get a Phishing email or not, if a Website is compromised due to DNS Hijacking or DNS Poisoning then is your browser going to warn you or not, regardless of if you check the URL or not.

Banks may start demanding a browser that does warn you, without any care of if you check the URL or not.

Again I say read this: PayPal thinks Safari is too vulnerable to phishing scams : Gina Hughes : Yahoo! Tech

One feature Safari lacks is a built-in phishing filter that warns users of suspicious websites. The other security feature missing is the lack of support for Extended Validation (EV) certificates. In IE 7, this feature turns the address bar green when the browser visits a legitimate site.

I believe this is what Chrisflyer meant by starting this thread.

I reckon it slows the browsing down from experience using IE7 + phising protection on, and I still think its common sense when you click links you just need to be aware of what site your on anyway, not too hard.

Well after using Safari since I switched I can't say that I have experienced any issues with web sites, but then again I don't visit P0Rn, warez or MP3 rip off web sites so I guess and avoidance of illicit areas of the internet is the best technique.

The trouble is that banks, etc may require you to turn on phising protection regardless of if you are this savvy or not.

It won't matter what site you are on, illicit areas or not, if DNS Hijacking and DNS Poisoning is happening.

My Grandpa rang me up all worried a couple of weeks back saying that he'd received an email saying that his Paypal account may have been compromised and some money might have been taken from him, and could he please log in to check the details. He was very worried that someone may have taken some money from him. The biggest problem turned out to be this:

"What is Paypal anyway... I don't think I have an account with them in the first place... but should I check anyway?"

Long story short, it's up to the user to protect themselves against phishing attacks, and use common (or as it might seem, uncommon) sense.

You, I am sorry, like some others here, are still missing the point, and also what this thread subject is about. Get stuck out of your grove and listen up, otherwise we are all doomed. Doomed I say!