Google-Protected Mobile Browsers Were Open to Phishing For Over a Year

upnorth

Did you think your mobile browser protected you from phishing attacks?

A research project called PhishFarm suggests otherwise, claiming that mobile browsers protected by Google’s anti-phishing mechanism failed to detect any phishing sites between mid-2017 and late 2018. The study came from the Laboratory of Security Engineering for Future Computing (SEFCOM) (part of the Center for Cybersecurity and Digital Forensics at Arizona State University). The Anti-Phishing Working Group and PayPal also supported the work. Browser vendors identify phishing sites and typically add them to a blocklist, which the browsers will then use to stop you getting onto those sites. Google Safe Browsing (GSB) is one such blocklist, and it protects not only Google’s Chrome browser but also Safari and Firefox. Microsoft has its own blocklist, called SmartScreen, protecting its IE and Edge browsers.

Using cloaking techniques to hide their sites from certain viewers, phishing scammers hope to prevent their sites from falling onto these blocklists. The academic study shows that these cloaking techniques have been working. It also revealed a massive hole in GSB’s mobile browser protection that existed for over a year. The researchers created 2,380 phishing sites on new .com domains. They used one of five cloaking techniques for each site, based on the techniques used by real phishing kits, along with a control group using no cloaking.
Mobile versions of Chrome, Firefox and Safari failed to identify any of the test phishing sites protected with filters E and F, and wouldn’t even identify the same sites when uncloaked (group A), they explain. The problem was down to a new mobile application programming interface (API) in the Google Safe Browser that was supposed to optimize data usage but, in fact, broke protection for mobile browsers.
 

HarborFront

That's why you need extensions like Netcraft with PhishingFree, etc., or the anti-phishing feature of your AV to help protect you against phishing sites. Don't depend on those features provided by the browser.
 
