Author Topic: Avast 7 anti-phishing protection: Is it really needed?  (Read 3624 times)

Offline VanguardLH

  • Jr. Member
  • **
  • Posts: 90
    • Personal Message (Offline)
Avast 7 anti-phishing protection: Is it really needed?
« on: February 26, 2012, 10:17:38 AM »
I saw the popup saying there was a program update to Avast (free).  Uffda, didn't realize it was a major version change (6 to 7).  After the reboot, found that WebRep was installed and enabled.  Apparently the Avast7 installer doesn't honor the current settings since I had it disabled before.  Oh well, I disabled it but noticed there was now the addition of an anti-phishing option.

In IE8 when I look at the list of all installed add-ons, the WebRep add-on is listed twice.  Twice?  Why twice?  Both instances listed are for version 7.0.1407.0 with the same 02/23/2012 datestamp. 

I was trying to find out how Avast was incorporating its anti-phishing option into IE but couldn't see a separate add-on for it.  If I disable the WebRep add-on again, do I lose the anti-phishing protection by Avast? 

Why would I want 2 sources for anti-phishing protection (Microsoft's own SmartScreen Filter and now Avast's option)?  Which is better?  Why would Avast's be better?  Should I disable Microsoft's if using Avast's?

Note: When I disable the WebRep add-on in Avast's config GUI, the add-on is still listed as "Enabled" in IE8's programs list for add-ons.  To fully eliminate the WebRep add-on, I had to use Avast's config GUI to uninstall it.  Of course, that also means that I lose whatever was this new anti-phishing protection.
« Last Edit: February 26, 2012, 10:22:19 AM by VanguardLH »

Offline Asyn

  • avast! √úberevangelist
  • Maybe Bot
  • *****
  • Posts: 24973
    • >>>  avast! Forum - Deutschsprachiger Bereich  <<<
    • Personal Message (Offline)
Re: Avast 7 anti-phishing protection: Is it really needed?
« Reply #1 on: February 26, 2012, 10:33:37 AM »
If I disable the WebRep add-on again, do I lose the anti-phishing protection by Avast? 

Yes.
XP SP3 - avast! 9.0.2018 - CIS 3.14 [FW/D+] - MBAM 1.75 [On Demand] - Firefox ESR 24.4 [NS/ABP/EHH/BP] - Thunderbird 24.4 [EM/CH]
Deutschsprachiger Bereich -> avast! Wissenswertes (Downloads, Anleitungen und Infos): http://forum.avast.com/index.php?topic=60523.0

Offline VanguardLH

  • Jr. Member
  • **
  • Posts: 90
    • Personal Message (Offline)
Re: Avast 7 anti-phishing protection: Is it really needed?
« Reply #2 on: February 26, 2012, 10:44:59 AM »
It looked like uninstalling the add-on would remove both the WebRep and anti-phishing options since they options are listed together; however, with two "WebRep" add-ons listed when installed and both options are enabled, it was possible that one was for the old WebRep function and the other same-named add-on was for the anti-phishing function.  I could leave the WebRep add-on installed with the WebRep function disabled and the anti-phishing function enabled - but I'd like to get more info on the anti-phishing option and why I would need Avast's creation over someone else's (like Microsoft's already in IE8+).

I don't care for the WebRep add-on (the WebRep function to rate sites).  I've used similar security products in the past (e.g., WOT, McAfee SiteAdvisor, others) but discarded them all.  Way too many unlisted/unknown sites and reputations that are too old (good sites that are now bad but still listed as good, bad sites that fixed their problem and are now good but still listed as bad) plus I don't care for community-style voting by non-experts on whether a site is good or bad.  However, I was curious what Avast brought to the table with their anti-phishing option.

Obviously Avast thinks they have added some value with their anti-phishing option but they don't provide any info on it (that I've found yet).  I have to wonder whose anti-phishing list they are using that isn't already incorporated by Microsoft's SmartScreen filter (and, I think, Firefox also has anti-phishing protection).  I might reinstall the WebRep add-on (odd that it appears TWICE in the add-ons list) if I knew there was something stupendously fantastic about Avast's anti-phishing filter that was superior than the same from other vendors.
« Last Edit: February 26, 2012, 11:10:53 AM by VanguardLH »

Offline Alievitan

  • Full Member
  • ***
  • Posts: 138
    • Personal Message (Offline)
Re: Avast 7 anti-phishing protection: Is it really needed?
« Reply #3 on: February 26, 2012, 12:34:00 PM »
You can use the browser plugin exclusively for the phishing list.  Just go to "plugin settings" then uncheck "enable Webrep" then uninstall and reinstall the plugin from the GUI for the settings to take effect.  You can never get enough phishing protection b/c no single phishing list will catch them all.   

I tested the browser plugin so I can confirm it works without webrep and it seems to use a different list from Smart Screen filter, Google Safebrowsing, and Phistank. 

Offline FlyingRobot

  • Full Member
  • ***
  • Posts: 105
    • Personal Message (Offline)
Re: Avast 7 anti-phishing protection: Is it really needed?
« Reply #4 on: February 26, 2012, 05:05:35 PM »
Looking at some screenshots, I notice that the Enable phishing filter checkbox is not a child of the Enable WebRep checkbox.  If the phishing filter were conditional upon WebRep being enabled, it should be a child checkbox that is deactivated when the Enable WebRep checkbox is unchecked.  So it would be logical to believe the phishing filter is separate from and not conditional upon WebRep being enabled.  It would also be logical to believe that no browser plugin named "WebRep" need be installed in order to have phishing filter functionality.

In Avast 6, WebRep is separate from the malicious URL blocking (a category which I would expect to include phishing).  I don't use WebRep, I don't have any avast browser plug-ins installed, but avast has occasionally blocked a URL.  Keeping malicious URL blocking separate from plug-in makes sense for reasons including the fact that avast doesn't have, and will never have, plug-ins for all the different web browsers proper let alone other software programs that have HTTP, etc functionality.  A logical place for it is in a shield/proxy rather than a browser plug-in.

Given such things, I'm surprised and confused by some of the comments here.  It kind of sounds as though avast 7 might:

1) Use a significantly different approach to blocking malicious URLs: the functionality being moved from shield/proxy to browser plug-in
2) Utilize a plug-in named "WebRep" to accomplish WebRep functionality, and also utilize a plug-in named "WebRep" to perform the malicious URL blocking.

Could someone elaborate a bit more on this? 

Offline Dch48

  • avast! Evangelist
  • Massive Poster
  • ***
  • Posts: 2786
  • Gender: Male
    • Personal Message (Offline)
Re: Avast 7 anti-phishing protection: Is it really needed?
« Reply #5 on: February 26, 2012, 06:37:34 PM »
I don't think the phishing protection is needed when you already have that in your browser. I use IE9 almost exclusively  and I hate the way WebRep is implemented in it like a whole toolbar so I have uninstalled the browser plugin entirely.
HP6140 Laptop, AMD A8-3500M Quad Core APU, 6GB RAM, Windows 7 Home Premium 64 SP1, IE10 & Outlook 2007,  Comodo Internet Security 6.3, MBAM on demand
Google/Asus Nexus 7 tablet, Tegra 3 quad core 1.3ghz, 32GB storage, Android 4.4.2, Dolphin browser, TrustGo Mobile Security
HP 5215us laptop, AMD Turion64 single core CPU, 2GB RAM, Windows 8.1 pro 32 bit, IE11 & Outlook 2007, Comodo Internet Security 6.3--- All machines behind a NAT router

Offline FlyingRobot

  • Full Member
  • ***
  • Posts: 105
    • Personal Message (Offline)
Re: Avast 7 anti-phishing protection: Is it really needed?
« Reply #6 on: February 26, 2012, 07:28:31 PM »
I think before one accepts a solution that just works at the level of a specific browser, they should consider what else might be acting as a browser.  So for example you say you use IE9 *almost exclusively*, raising the question: what other browser do you use, and does it have its own malicious URL protection?

Many different types of software programs effectively act like web browsers.  Some utilize the same lower level components that IE uses (which might in some cases allow them to be protected by the IE protection, but might not in other cases, I'm too out of date on that to know details).  Some other programs don't utilize those lower level components [which might be protected] though.  Leaving some TBD potential for less than desired protection.

Anyway, an interesting test... which I can't perform since I'm not using avast 7... would be to initiate an HTTP request for a test URL known to be in the malicious URL list (or if you know what you are doing and have taken precautions you could use an actual malicious URL) while being sure to bypass any URL blocking protections built into the browser/tool you are using to perform the request.  IOW, test to see if there is still malicious URL blocking built into shield/proxy.

Edit: Search engine turned up this test URL:

http://www.avast.com/eng/test-url-blocker.html
« Last Edit: February 26, 2012, 07:31:44 PM by FlyingRobot »

Offline Gopher John

  • avast! Evangelist
  • Super Poster
  • ***
  • Posts: 1404
  • Gender: Male
    • Personal Message (Offline)
Re: Avast 7 anti-phishing protection: Is it really needed?
« Reply #7 on: February 26, 2012, 07:55:15 PM »
Phishing protection is not the same as malicious URL blocking, although the two could be combined on the same site.

The test URL you posted is blocked with a Red popup showing as malicious.  I guessing that a phishing site would trigger a Red popup, but perhaps with a different wording.?

@Dch48
I have Firefox as my default browser.  I also use Opera on rare occasions.  Since I'm on WinXP, IE 8 is installed.  All have phishing protection built in.  I'm leaving Avast phishing protection active as an additional layer without conflict and virtually no load on the system.  It's also possible that it might block a site that the browser's protection wouldn't.
Pentium4 3.4GHZ, 2.0GB RAM, RADEON x850 XT Platinum Edition, WinXP Pro SP3 32bit, IE 8
i7-3610QM 2.3GHZ, 8.0GB Ram,  Nvidia GeForce GT 630M 2GB, Win7 Pro SP1 64bit, IE 11
Common to both: AIS 2014 9.0.2018, WinPatrol Plus, SpywareBlaster 5, Opera 12.17, Firefox 28, MBam Free, MCShield, CCleaner

Offline Dch48

  • avast! Evangelist
  • Massive Poster
  • ***
  • Posts: 2786
  • Gender: Male
    • Personal Message (Offline)
Re: Avast 7 anti-phishing protection: Is it really needed?
« Reply #8 on: February 26, 2012, 08:26:51 PM »
Well I might reinstall the plugin and just turn off the WebRep part of it.
HP6140 Laptop, AMD A8-3500M Quad Core APU, 6GB RAM, Windows 7 Home Premium 64 SP1, IE10 & Outlook 2007,  Comodo Internet Security 6.3, MBAM on demand
Google/Asus Nexus 7 tablet, Tegra 3 quad core 1.3ghz, 32GB storage, Android 4.4.2, Dolphin browser, TrustGo Mobile Security
HP 5215us laptop, AMD Turion64 single core CPU, 2GB RAM, Windows 8.1 pro 32 bit, IE11 & Outlook 2007, Comodo Internet Security 6.3--- All machines behind a NAT router

Offline Gopher John

  • avast! Evangelist
  • Super Poster
  • ***
  • Posts: 1404
  • Gender: Male
    • Personal Message (Offline)
Re: Avast 7 anti-phishing protection: Is it really needed?
« Reply #9 on: February 26, 2012, 08:38:29 PM »
Well I might reinstall the plugin and just turn off the WebRep part of it.

On this machine, I have 6 Windows users, each of which have a Firefox profile (one has 2 profiles).  On a couple of the users profiles, I simply disabled WebRep on Firefox | Add-ons page.  Since these profiles are used for a very limited amount of sites and only for short sessions, they wouldn't contribute much to Avast Community anyway.  I really don't know how disabling WebRep would affect phishing protection in the profile setup.
Pentium4 3.4GHZ, 2.0GB RAM, RADEON x850 XT Platinum Edition, WinXP Pro SP3 32bit, IE 8
i7-3610QM 2.3GHZ, 8.0GB Ram,  Nvidia GeForce GT 630M 2GB, Win7 Pro SP1 64bit, IE 11
Common to both: AIS 2014 9.0.2018, WinPatrol Plus, SpywareBlaster 5, Opera 12.17, Firefox 28, MBam Free, MCShield, CCleaner

Offline FlyingRobot

  • Full Member
  • ***
  • Posts: 105
    • Personal Message (Offline)
Re: Avast 7 anti-phishing protection: Is it really needed?
« Reply #10 on: February 26, 2012, 08:46:05 PM »
Phishing protection is not the same as malicious URL blocking, although the two could be combined on the same site.

I realize there are some things that a plug-in can do/detect which a proxy can't (at least not nearly as easily/reliably).  Was trying to establish a starting point though, and genuinely believed the malicious URL blocking might have been removed from the shield/proxy.  Assuming, as I believe I have read in the past, that the malicious URL list does provide coverage of phishing sites (anyone care to correct that?) and assuming your second comment confirms that malicious URL blocking remains in the avast 7 shield/proxy, then eliminating the browser add-ons would not eliminate phishing protection entirely but rather only eliminate some of the new phishing protection.  Which I haven't read enough about to even comment on.  Maybe someone else can provide or point to a detailed description if one exists.

Well I might reinstall the plugin and just turn off the WebRep part of it.
I don't know if you are setup to do this easily, or would even care to... (if no, no prob)... but if both are true I'd be interested to know if the "Disable WebRep, Enable phishing protection" options in the avast 7 plugins settings results in avast sending URL information to their servers. 

Offline Dch48

  • avast! Evangelist
  • Massive Poster
  • ***
  • Posts: 2786
  • Gender: Male
    • Personal Message (Offline)
Re: Avast 7 anti-phishing protection: Is it really needed?
« Reply #11 on: February 26, 2012, 08:53:58 PM »
Okay, I have it on now in Chrome but I just don't like it in IE, so it's gone. It's supposed to show SafeZone controls if you select that, but I can't see or find them anywhere.
HP6140 Laptop, AMD A8-3500M Quad Core APU, 6GB RAM, Windows 7 Home Premium 64 SP1, IE10 & Outlook 2007,  Comodo Internet Security 6.3, MBAM on demand
Google/Asus Nexus 7 tablet, Tegra 3 quad core 1.3ghz, 32GB storage, Android 4.4.2, Dolphin browser, TrustGo Mobile Security
HP 5215us laptop, AMD Turion64 single core CPU, 2GB RAM, Windows 8.1 pro 32 bit, IE11 & Outlook 2007, Comodo Internet Security 6.3--- All machines behind a NAT router

Offline mag

  • Advanced Poster
  • **
  • Posts: 743
    • Personal Message (Offline)
Re: Avast 7 anti-phishing protection: Is it really needed?
« Reply #12 on: February 26, 2012, 09:01:32 PM »
Okay, I have it on now in Chrome but I just don't like it in IE, so it's gone. It's supposed to show SafeZone controls if you select that, but I can't see or find them anywhere.
I seem to recal reading somewhere that show safezone controls just prompts you to think about using safezone whenever you visit a banking website that avast have heard of in a normal browser.

Offline Dch48

  • avast! Evangelist
  • Massive Poster
  • ***
  • Posts: 2786
  • Gender: Male
    • Personal Message (Offline)
Re: Avast 7 anti-phishing protection: Is it really needed?
« Reply #13 on: February 26, 2012, 09:03:16 PM »
Okay, I have it on now in Chrome but I just don't like it in IE, so it's gone. It's supposed to show SafeZone controls if you select that, but I can't see or find them anywhere.
I seem to recal reading somewhere that show safezone controls just prompts you to think about using safezone whenever you visit a banking website that avast have heard of in a normal browser.
Ahh I'll have to check that out
HP6140 Laptop, AMD A8-3500M Quad Core APU, 6GB RAM, Windows 7 Home Premium 64 SP1, IE10 & Outlook 2007,  Comodo Internet Security 6.3, MBAM on demand
Google/Asus Nexus 7 tablet, Tegra 3 quad core 1.3ghz, 32GB storage, Android 4.4.2, Dolphin browser, TrustGo Mobile Security
HP 5215us laptop, AMD Turion64 single core CPU, 2GB RAM, Windows 8.1 pro 32 bit, IE11 & Outlook 2007, Comodo Internet Security 6.3--- All machines behind a NAT router

Offline j0ta

  • Newbie
  • *
  • Posts: 2
    • Personal Message (Offline)
Re: Avast 7 anti-phishing protection: Is it really needed?
« Reply #14 on: February 26, 2012, 09:25:33 PM »
I use IE9 almost exclusively  and I hate the way WebRep is implemented in it like a whole toolbar so I have uninstalled the browser plugin entirely.

Why a toolbar instead of a button like in Mozilla's Firefox.

 

Google Chrome

AVAST recommends using the FREE Google Chrome™ browser.

Download Google Chrome Now