Last week I wrote in my WSJ.com/AWSJ column (sub required) about the cross site scripting phish I received a few weeks ago (it appeared late because of the Easter holiday.) The point I made in the column is that most of the browser toolbars designed to prevent phishing failed to warn the user of the attack.
Some readers have asked which toolbars didn’t work. I didn’t have space in the column to list them, but I did mention that one worked: Netcraft’s Anti-phishing Toolbar. Sadly it only works with IE, but since most banking sites still insist on only functioning in that browser, this is not too much of a handicap. Netcraft are actually an interesting, serious bunch of people who do good work, not least their DNS search engine. (They also measure server traffic, and pointed a few days back to a burst in visits to the Vatican’s website as the Pope lay on his deathbed.)
Anyway, next posting I plan to list the toolbars that didn’t work on the Charterone phish.