firefox seems to be better than safari at preventing phishing websites from opening.

Joined
Mar 15, 2006
Messages
1,237
Reaction score
27
Points
48
Your Mac's Specs
2015 Retina 4K iMac. Monterey. 8GB RAM. Crucial 500GB external SSD
I got time on my hands to tinker around with IT stuff... experiment.

On my old iMac, El Capitan, no extensions installed in either browser, DNS network settings set to use 1.1.1.1. I go to openphish (dot com)... I like to click the live phishing links on this site to see what happens, what they look like, etc. I just click a link to visit the phishing site. I don't install any software. Doing this just to see what happens, to learn and be informed....

Ive noticed that Safari will almost always open a phishing site/link without warning me that it's a dangerous site, where Firefox almost never opens the site and warns me that the site is dangerous.

Just wanted to share this... pretty important find I thought... the best way to protect users from phishing sites is to not let them open the link/site in the first place.


I like Safari, but I don't trust it as much, and it wont let me disable history which I find really annoying. :)
 
Last edited:

chscag

Well-known member
Staff member
Admin
Joined
Jan 23, 2008
Messages
65,248
Reaction score
1,833
Points
113
Location
Keller, Texas
Your Mac's Specs
2017 27" iMac, 10.5" iPad Pro, iPhone 8, iPhone 11, iPhone 12 Mini, Numerous iPods, Monterey
What happens when you perform the same test with the latest version of Safari and from Mojave or Catalina?
 
Joined
May 21, 2012
Messages
10,702
Reaction score
1,158
Points
113
Location
Rhode Island
Your Mac's Specs
M1 Mac Studio, 11" iPad Pro 3rdGen, iPhone 13 ProMax, Watch S7, 2018 15" MBP, AirPods Pro
What are the Security settings for both browsers? Are the defaults any different?


Sent from my iPad using Mac-Forums
 
OP
macgig
Joined
Mar 15, 2006
Messages
1,237
Reaction score
27
Points
48
Your Mac's Specs
2015 Retina 4K iMac. Monterey. 8GB RAM. Crucial 500GB external SSD
I have Mojave on my 2015 imac, but I've not been crazy about the idea of opening up live phishing links on my main mac that has sensitive data on it... so I've not tried it yet. And none of my macs have Catalina installed. My 2007 imac Has no personal data on it to be stolen if for some reason something went wrong. Great question though...


What happens when you perform the same test with the latest version of Safari and from Mojave or Catalina?
 
Last edited:
OP
macgig
Joined
Mar 15, 2006
Messages
1,237
Reaction score
27
Points
48
Your Mac's Specs
2015 Retina 4K iMac. Monterey. 8GB RAM. Crucial 500GB external SSD
great question answers below. I can see that Firefox has more security settings than Safari does...


On safari 11.1.2,

security tab> warn when visiting a fraudulent site is checked/on. enable javascript and block pop up windows is also checked/on

Privacy tab> cookies and website data is set to "allow from websites I visit". ask websites not to track me is also checked/on.

no extensions are installed.

advanced tab> show full website address is checked.

firefox 70.0.1

general> network settings… settings… Enable DNS over HTTPS is checked/on

privacy and security tab> custom> cookies are checked to block cross site and social media trackers, tracking content in all windows is checked, Crytominers is checked, fingerprinters is also checked.

not saving any logins or passwords.

no extensions are installed.




What are the Security settings for both browsers? Are the defaults any different?


Sent from my iPad using Mac-Forums
 
OP
macgig
Joined
Mar 15, 2006
Messages
1,237
Reaction score
27
Points
48
Your Mac's Specs
2015 Retina 4K iMac. Monterey. 8GB RAM. Crucial 500GB external SSD
Safari 13.0.3 did a better job of warning me about the phishing links and not allowing me to open them, so that is good to know. just tried that on my newer imac.
 

chscag

Well-known member
Staff member
Admin
Joined
Jan 23, 2008
Messages
65,248
Reaction score
1,833
Points
113
Location
Keller, Texas
Your Mac's Specs
2017 27" iMac, 10.5" iPad Pro, iPhone 8, iPhone 11, iPhone 12 Mini, Numerous iPods, Monterey
Safari 13.0.3 did a better job of warning me about the phishing links and not allowing me to open them, so that is good to know. just tried that on my newer imac.

Thanks for testing. I had thought that Apple upped the security on the latest versions of Safari. I believe it may even be more enhanced with Catalina. I can't test it myself because for now I can not run Catalina on my primary machine since I have a 32 bit app that I need to keep.
 

Shop Amazon


Shop for your Apple, Mac, iPhone and other computer products on Amazon.
We are a participant in the Amazon Services LLC Associates Program, an affiliate program designed to provide a means for us to earn fees by linking to Amazon and affiliated sites.
Top