Safari 3.2 includes antiphishing tools

Apple quietly adds the security feature to its latest version of Safari. It's the last of the major browser vendors to offer antiphishing protection.

Robert Vamosi Former Editor

As CNET's former resident security expert, Robert Vamosi has been interviewed on the BBC, CNN, MSNBC, and other outlets to share his knowledge about the latest online threats and to offer advice on personal and corporate security.

See full bio

Robert Vamosi

Nov. 18, 2008 1:51 p.m. PT

Without fanfare, Apple has apparently added antiphishing to its Safari 3.2 release.

The new version of Safari, which was largely a security update and released last week, includes a new configuration option saying: "Warn when visiting a fraudulent website". It is configured to be on by default. So far, Apple is not talking about the enhancement, nor is there any documentation on the Safari site.

CNET tested the updated Safari 3.2 for Windows on various newly reported phish sites listed on DSLreports and PhishTank, and found none produced a warning. It could be that the phish sites being tested were not yet reported to the Google database or that the antiphishing update hadn't made it locally to our Safari browser for blocking.

According to Ryan Naraine at ZDNet, the alert displays standard language. It also includes two links, one to Google's explanation of a phishing site, the other to a Google Report an Error page.

Apple uses standard language when blocking a suspected phishing site. ZDNet

Apple is the last of the major browser vendors to offer antiphishing protection.

Microsoft uses its own antiphishing and anti-malware tool for Internet Explorer; Mozilla uses a combination of tools, including Google, for Firefox; Opera uses Haute Secure to provide bogus site warnings to end users; and Google uses its own antiphishing technology within its Chrome browser.