Back to Blog

Ebay Toolbar Provides Phishing Defense

 


 

We’ve been a proponent of increasing your presence on the desktop through browser toolbars, pushed content, and other means . We were looking at it from a usability and marketing standpoint. It turns out there’s another use, as a security enhancement.

04-april-b15.jpg

Leave it to eBay to come up with the first proactive anti-phishing system. Ebay toolbar users received the Account Guard upgrade in February. It has two functions. First, whenever a user visits a valid eBay URL, the background color of the account-alert section of the toolbar changes to green. It’s a subtle but effective technique – quite noticeable when a spot on the top browser controls suddenly changes color, and much more effective than a locked or unlocked padlock in the lower corner. Second, an optional feature launches an alert box whenever you type your eBay username into a non-eBay URL.

It’s not a foolproof system. It only protects against browser-based phishing. It wouldn’t guard against phishing attacks that ask users to update their account within the body of a phony HTML email. We’ve also heard that it’s possible to spoof the toolbar itself, pasting a phony one at the top of a fake browser.