Netcraft Toolbar review: Netcraft Toolbar

Known more for its network tools, Netcraft also provides a free toolbar for Firefox and Internet Explorer that checks Web sites for malicious or suspicious content. It stops URLs containing characters designed to deceive, maintains navigational controls within a browser, and displays a site's hosting location--for example, a local U.S. bank hosted in Russia might be fraudulent. But the Netcraft toolbar won't integrate with your search results page to identify possible fraud sites; you'll need to click to be warned. Still, the price is right--it's free.

The Netcraft toolbar flags suspicious content before you download it onto your browser.

We had no trouble installing the Netcraft toolbar on Firefox 2 and Internet Explorer 7. The Netcraft toolbar is not available for Opera. The toolbar can be customized and reconfigured in a number of ways, though the default setting displays many useful tools. Under the Netcraft logo you'll find a drop-down menu that offers ways to report phishing sites and report bugs, a glossary of terms used, FAQs, stats on the phishiest countries reported by Netcraft, the phishiest Web hosts, the most visited Web sites, and corporate-branded toolbars. You will also find stats on Web server software and other minutiae that most people won't bother to read, such as the number of people switching hosting providers in the last two calendar months. The more useful parts of the toolbar are the visual graphics showing more red for malicious hosting sites and more green for safe sites. There's also an icon of the host server's country of origin.

The toolbar includes a variety of helpful services, including a report of Web host services hosting the most phishing sites as reported by Netcraft.

We found the Netcraft toolbar played well alongside other secure browsing tools like McAfee SiteAdvisor (both free and paid) and Exploit Prevention Labs Linkscanner Pro, as well as with the native protection provided by Firefox 2 and Internet Explorer 7, even when we used all of them simultaneously. Should you ever want to uninstall the Netcraft toolbar, we had no trouble doing so.

Unlike Linkscanner Pro and SiteAdvisor--which both display their safety ratings over your current Google, Yahoo, or Live.com search result page--the Netcraft toolbar does not overlay its own ratings. And, despite an option to block cross-site scripting attacks, we still found a few defaced dangerous sites that Netcraft did not flag.

One defaced Web site, a Massachusetts-based restaurant Web site, was infected with a malicious Trojan. By viewing the source code of the page, we could see the hacker-added iframe script at the very bottom; in this case it called out to a site in Korea known to host malicious code. Another example was a sex site hosted in a foreign country; it hosted (deliberately or not) a malicious WMF file. With the Netcraft toolbar we were able to access both sites, and we were also asked whether we wanted to install the tainted WMF file. Similarly, neither SiteAdvisor nor the antiphishing protection within Firefox 2 or Internet Explorer 7 blocked our access to these sites. Only Linkscanner Pro flagged us, allowing us access to the sites only after stripping out the malicious content.

But Linkscanner Pro failed to identify most of the suspected phishing sites we visited; and that's where the Netcraft toolbar truly shines. Using 10 sites recently reported to a reputable, independent phish-tracking site, we found that the Netcraft toolbar identified and blocked access to all 10 sites, tied with the premium version of McAfee SiteAdvisor Plus; the next best tools were Linkscanner Pro and Firefox 2, each identifying or blocking access to 7 suspected phishing sites; they were followed by Internet Explorer 7 which blocked an abysmal 5 sites. The free edition of McAfee SiteAdvisor gave us inconsistent results over the five days we tested it, and was not ranked. In general, we found that IE 7 (at the bottom of our results pile) consistently failed to catch phishing sites less than one hour old, although IE 7 caught all phishing sites known for at least an hour or more. Most phishing sites are removed after their initial 72 hours.

One cool report shows the country of origin for servers that host the most phishing attacks reported by Netcraft.

The toolbar is free, so Netcraft does not provide live technical support. It does, however, provide a thorough glossary of terms, and a fairly complete FAQ, both accessible from the toolbar itself.

We've been using the Netcraft toolbar for our own defense against phishing and recommend it for that purpose. The price is right, and the protection is solid.