Note: whether or not you choose to enable Fraud and Malware Protection, you should always look for the closed padlock in the address field before submitting credit card numbers or other highly personal information.
Note: this document describes Fraud and Malware Protection for Opera 10.60. Fraud and Malware Protection functioned somewhat differently in Opera 9.10 and Opera 9.50.
The explosive growth of Internet commerce has attracted the attention of everyone, including a new breed of online criminals who will attempt to steal your passwords, your credit card numbers, and other personal information by impersonating authority figures from a bank or other institution with whom you have a financial relationship. The best defense against this growing threat is to be aware of the problem, and to be alert when conducting your online business.
Fraud of this kind is sometimes called phishing, and in analogy to fishing, your private information is the catch. There is more than one kind of bait, but the most common type is e-mail, apparently from your bank, coupled to a website resembling your bank's, so precisely copied that you may not discern the difference. You will be encouraged to log in and "verify" your customer information: in other words, to reveal your password, credit card number, or other private data.
For the same reason that you have anti-virus software installed, you may want protection from websites that distribute viruses or other malicious software, collectively known as malware. The concept of malware encompasses not just viruses, but also scripts that exploit security problems in the browser or in browser plug-ins, scripts that may run automatically when you load a webpage.
When Opera Fraud and Malware Protection is enabled, you contact a server at Opera once per session for each website you visit. HTTPS sites are checked via an encrypted channel, while IP addresses on the local intranet will never be checked. Opera sends the domain name of the requested page to the server, which checks it against phishing blacklists compiled by Netcraft and PhishTank, and malware blacklists compiled by Yandex.
If the domain name matches a name on the blacklists, the Fraud and Malware Protection server returns an XML document to the browser, describing the type of problem (phishing or malware) and listing the affected addresses within that domain. The XML document names the partner that provided the information, and includes links to pages that describe the problems more exactly, when these are available.
If the requested page matches a page listed in the XML document, the browser presents you with a warning. The domain names of all websites you have requested are cached by the browser for the duration of your session, so that additional contact with the Fraud and Malware Protection server is not required.
The privacy implications of Opera Fraud and Malware Protection can be summarized as follows:
With Opera Fraud and Malware Protection enabled, every webpage you request is subjected to phishing and malware filters. The security status of the page is displayed on the right side of the address field, as indicated in the table below:
| Address Field | Protocol | Status |
|---|---|---|
| Secure Site | HTTPS | Maximally secure site, with Extended Validation (EV) |
| Secure Site | HTTPS | Secure site |
| ? | HTTPS | HTTPS site with problems |
| HTTP | Normal site | |
| Fraud Site | Any | Fraud site |
A secure page with valid security certificate and no mis-configuration of the server will display a lock on the right side of the address field, and clicking on this lock will cause the security information for the page to be displayed, including information about the website's certificate.
If a website is found on the blacklists, you will be presented with a warning page, and you must decide whether to visit the questionable website, to return to the browser home page, or to read additional information about the status of the page. If you open a phishing or malware page, it will be marked with a red "Fraud Site" indicator.
The security dialog is available at any time via the menu item or the keyboard shortcut Alt + Enter. It provides the possibility of reporting a site as suspicious, and of enabling/disabling Fraud and Malware Protection.
Opera's Fraud and Malware Protection server does not cause any delay in the opening of webpages.
Opera Fraud and Malware Protection can be enabled/disabled from by checking/unchecking the box marked "Enable Fraud and Malware Protection."
Need help? Hit F1 anytime while using Opera to access our online help files, or go here.