Protect yourself from fraudulent websites

The Phishing Filter in Internet Explorer should be switched on by default, but to make sure open the browser and click the Tools menu (located in the top right-hand corner of the window). Select Phishing Filter and Phishing Filter Settings in the sub-menu that appears. This will open the Advanced Internet Options dialogue box. In the long list of topics scroll down to Phishing Filter near the end and make sure the ‘Turn on automatic website checking’ radio button is selected. If it isn’t, click to select it and then click OK. A warning message points out that from now on the addresses of website you visit will be sent (anonymously) to an anti-phishing checking service – click OK.

In the Firefox browser there is also a phishing filter. Find it, and the options relating to it, by opening the Firefox browser and clicking the Tools menu, then Options. When the options dialogue box appears, click on the Security tab. This tab has three options at the top: the second and third of these (‘Tell me if the site I’m visiting is a suspected attack site’ and ‘Tell me if the site I’m visiting is a suspected forgery’) make up the phishing filter. Both of these should be ticked by default, but if they are not, click each box to tick it and click OK. The box above, marked ‘Warn me when sites try to install add-ons’, should also be ticked.

We can test if the filter is working in each browser using a safe website set up by Mozilla, the maker of Firefox. There is nothing dangerous about it, but it has been deliberately marked as bad to give us a safe site with which to test browser security. To use it open either browser, type www.snipca.com/x549 into the Address bar and press Enter. In both cases the browser will tell you that the site has been reported as a potential risk and that you should not continue. Also, parts of the window turn red to indicate danger.

If you are using Internet Explorer to visit a site that has not been reported, it is possible to double check. Click the Tools menu (as in Step 1), then select Phishing Filter and Check This Website from the sub-menu. The same warning as earlier will be displayed, explaining that the browser is about to send the details of the site you are visiting to the checking service, and then click OK. If the site is clean a confirmation message will appear. Bear in mind that the filter is not 100 per cent reliable: it will never contain every single phishing site in the world, because new ones appear frequently.

Suspicious websites can be reported in either browser. In Internet Explorer, click the Tools menu and select the Phishing Filter, then select Report This Website. A new window will appear in which you will be asked to tick a box confirming that you think the site is suspect and enter some text for security reasons. Click Submit and a confirmation message will appear. In Firefox, click the Help menu and select Report Web Forgery. Again, a window will appear and you will be asked to enter some text for security and to add some comments about the suspect website. Click Submit Report when satisfied. Reporting a site will not add it to the list straight away, but if the blocking service receives several reports it will take a look.

Internet Explorer 8 has been out for a while now but it’s not a compulsory upgrade, so you may not be using it yet. If you are, though, things have changed slightly. The phishing filter is still there but it’s now called the Smartscreen Filter and it blocks various online threats, not just phishing sites. The appropriate options are to be found in the Safety menu, rather than Tools: click Safety in the top right-hand corner of the window, and select Smartscreen Filter from the menu. If ‘Turn On Smartscreen Filter’ is shown, click that to turn it on. The Report option is now called ‘Report Unsafe Website’.