A Mozilla [Firefox] extension for anti-phishing support

About AntiPhish

Phishing is a form of online identity theft that aims to steal sensitive information such as online banking passwords and credit card information from users. Phishing scams have been receiving extensive press coverage because such attacks have been escalating in number and sophistication. According to a study by Gartner, 57 million US Internet users have identified the receipt of e-mail linked to phishing scams and about 2 million of them are estimated to have been tricked into giving away sensitive information. AntiPhish is a Mozilla [Firefox] browser extension that aims to protect users against spoofed web site-based phishing attacks. To this end, AntiPhish tracks the sensitive information of a user and generates warnings whenever the user attempts to give away this information to a web site that is considered untrusted.

Documentation / Publications

AntiPhish is a research prototype. Hence, we do not provide a complete user guide (yet). If you have any questions, feel free to contact the authors.

These papers give a pretty good overview of the tool and describes how it works:

Engin Kirda and Christopher Kruegel, Protecting Users agains Phishing Attacks with AntiPhish, 29th Annual International Computer Software and Applications Conference (COMPSAC 2005), Edinburgh, Scotland, July 2005

Engin Kirda and Christopher Kruegel, Protecting Users against Phishing Attacks (Best of COMPSAC 2005), The Computer Journal, Oxford University Press, 2006.

Thomas Raffetseder, Engin Kirda, and Christopher Kruegel, Building Anti-Phishing Browser Plug-Ins: An Experience Report, The 3rd International Workshop on Software Engineering for Secure Systems (SESS07), 29th International Conference on Software Engineering (ICSE), Minneapolis, IEEE Computer Society Press, May 2007


  • The Mozilla [Firefox] browser.


    If you are already using Mozilla extensions, then ignore this part of the document. If you are new, keep reading: First, download AntiPhish and store it somewhere on your computer. Next, press CTRL-O (or go to the File menu item and then choose Open). Pick the AntiPhish extension file you've just downloaded. You will see a dialog where you can press the Install button. That's it.

    Running and using it

    AntiPhish is an application that is integrated into the web browser. It keeps track of a user's sensitive information (e.g., a password) and prevents this information from being passed to a web site that is not considered ``trusted'' (i.e., "safe").

    The development of AntiPhish was inspired by automated form-filler applications. Most browsers such as Mozilla or the Internet Explorer have integrated functionality that allows form contents to be stored and automatically inserted if the user desires. This content is protected by a master password. Once this password is entered by the user, a login form that has previously been saved, for example, will automatically be filled by the browser whenever it is accessed. Antiphish takes this common functionality one step further and tracks where this information is sent.

    After AntiPhish is installed in Firefox, it creates two menu items: You'll find it in the Tools menu and in the pop up menu when you press the right mouse button (check out the screenshots). Using the AntiPhish menu items, you can activate or deactivate it and cache information that you would like to be protected against phishing attacks.

    AntiPhish menu
    1.) Screenshot showing the AntiPhish menu item in the main menu


    AntiPhish is licensed under the Mozilla Public Licence Version 1.1.


    Follow this link to get AntiPhish: AntiPhish Version 0.1 (antiphish.xpi)


    AntiPhish was designed and written by Engin Kirda and Christopher Kruegel.

    Last Modified: Mon Apr 20 09:58:23 CEST 2015

  • International Secure Systems Lab