Netcraft Extension offers Heartbleed and phishing protection

Since two weeks when we posted about the Heartbleed bug, this deadly vulnerability has affected many trusted SSL web servers, putting users at the risk of compromising sensitive information to hackers. To stay safe from this deadly bug away you can make use of some browser extensions to warn you of Heartbleed affected websites. One such recently launched and useful tool is the browser extension from Internet security services provider Netcraft.

The Netcraft Extension for Opera, Chrome and Firefox offers Heartbleed and Phishing protection together. It allows you to see whether the websites you visit are still using potentially compromised certificates using data from Netcraft’s SSL Survey. If this is the case, the extension will also check to see if the site’s SSL certificate has been replaced; if it has not, then the site is considered to be unsafe, as the certificate’s private key could have been compromised.

Netcraft Extension

The free Netcraft Extension can be installed on Chrome, Firefox  and Opera browsers. Go here and click on the icon of the browser on which you wish to install the extension, as shown in the image. You can choose from Firefox, Chrome or Opera. NetCraft Extension

Here I have chosen the Chrome browser, and after clicking onto the Chrome icon we are redirected to the Chrome Web Store. Click on the “FREE” tab located on the upper right hand of the page. NetCraft Extension

As shown below soon you will be asked to confirm the “New Extension” . Select “Add” here. You have now added the extension to your browser.

 NetCraft Extension

After the extension is added, the Netcraft logo can be spotted in the upper left hand corner of your browser. You can see the extension logo below in the image.

 NetCraft Extension

Check the website using Netcraft Extension

To check the website’s Heartbleed security status, click onto the Netcraft’s extension icon and you will see a pop-up windows displaying site status that includes risk rating, country of origin, Site rank, date of creation and host’s name.  NetCraft Extension

In the case of a site being detected as potentially unsafe, the extension will notify the same by indicating a bleeding heart icon.

Features of Netcraft Extension

  • Provide detailed site reports
  • Shows Risk Ratings evaluating characteristics of the website
  • Protection against phishing sites
  • Protection against cross site scripting (XSS)
  • Conveniently report suspected phishing & fraudulent sites
  • PFS indicator – check if sites using SSL for encryption support Perfect Forward Secrecy (PFS).
  • Heartbleed indicator

The Netcraft Extension is a must have tool that can help you protect against Heartbleed bug. Apart from indicating which sites are using a certificate potentially compromised using Heartbleed. It also protects you from phishing attacks by displaying the hosting location and risk rating of every site you visit, and lets you help to defend the internet community against fraudsters.

The only disappointment is that currently this tool is not available for Internet Explorer.

Posted by on , in Category Security with Tags
Ankit Gupta is a writer by profession and has more than 7 years of global writing experience on technology and other areas. He follows technological developments and likes to write about Windows & IT security. He has a deep liking for wild life and has written a book on Top Tiger Parks of India.

5 Comments

  1. Butch Tracy Johnson

    is there something like this for IE ?

  2. Funny. I would have answered “predictably, no.” But, hey… that’s just me. [grin]

    __________________________________
    Gregg L. DesElms
    Napa, California USA
    gregg at greggdeselms dot com

    Veritas nihil veretur nisi abscondi.
    Veritas nimium altercando amittitur.

  3. The “ChromeBleed” extension you recommended — when was it… last week, I think; a couple weeks ago, maybe — works exceptionally well. I’m quite impressed with it.

    For anti-phishing, Chrome (and Chromium, too) have a setting for that (which works kinda’ okay); and for those of us who use OpenDNS, instead of the DNS that our Internet access providers provide, phishing is simply not a problem. None of it can get through. None.

    And so the ChromeBleed extension, with its single-minded focus on just HeartBleed, works perfectly for at least me… for whatever that’s worth. I was initially hesitant, as you know, because every extension one adds just bogs-down Chrome a little more; but ChromeBleed’s pretty light, it seems. Doesn’t slow-down a thing. It’s a nicely-written, simple, no muss, no fuss little extension…

    …that actually works! Thanks for recommending it!

    __________________________________
    Gregg L. DesElms
    Napa, California USA
    gregg at greggdeselms dot com

    Veritas nihil veretur nisi abscondi.
    Veritas nimium altercando amittitur.

  4. Your answer is better than mine! And more accurate! 😀

Leave a Reply

Your email address will not be published. Required fields are marked *


3 + 5 =