Opera’s Fraud and Malware Protection

Opera’s Fraud and Malware Protection warns you about suspicious webpages and is enabled by default. It checks the page you request against several databases of known phishing and malware websites, called a blacklists. Although it is not possible to totally eliminate the risk of encountering an unidentified phishing or malware website, the risk is minimized.

Note that checking against the database does not delay the opening of webpages.

Notes

What is phishing?

The explosive growth of Internet commerce has given rise to a new breed of online criminals who may attempt to steal your passwords, your credit card numbers, and other personal information by impersonating authority figures from your bank or other institutions you frequent. The best defense against this growing threat is to be aware of the problem and to be alert when transacting business online.

Fraud of this kind is often called phishing, and in analogy to fishing, your private information is the catch. There is more than one kind of bait, but the most common type is email, apparently from your bank, coupled to a website resembling your bank’s — so precisely copied that you may not discern the difference. You will be encouraged to log in and “verify” your customer information: in other words, to reveal your password, credit card number, or other private data.

What is malware?

For the same reason that you have anti-virus software installed, you may want protection from websites that distribute viruses or other malicious software, collectively known as malware. The concept of malware encompasses not just viruses, but also scripts that may run automatically when you load a webpage.

How to use Fraud and Malware Protection information

With Opera Fraud and Malware Protection enabled, every webpage you request is subjected to phishing and malware filters. The security status of the page is displayed in a security badge in the address field.

A maximally secure site has the following features:

The table below describes the security badges used in the Opera browser:

Security badge Status
Maximally secure site, with Extended Validation (EV), where the identity of the owners of the website have been thoroughly verified
Secure site, where the credentials of the site owner have been checked
Normal site, or a site where there are problems with encryption, or where information is not available to enable verification
File or folder on your computer
Site that has been listed as a known fraudulent site
Site that has been listed as a known malware site

Note: The badge may also indicate that Opera Turbo is enabled. For more details, see “Beat slow connections with Opera Turbo” in the “Introduction to Opera” tutorial.

Fraud warning

If a website is found on lists of known, suspicious sites, a warning page may display before the page is shown. You decide whether to visit the questionable website, to return safely to the browser home page, or to read additional information about the status of the page. If you open a phishing or malware page, it will be marked with a red “Fraud Site” or “Malware site” indicator, as shown in the table above.

If you are a website owner and have discovered that you are on a blacklist, see Website owners: Handling fraud or malware warnings.

Summary and detailed security information

To display summary security information, click the security badge. For more detailed security information, including information about the website’s certificate, click the Details button. In the resulting dialog, you can also report a site as suspicious, or enable/disable Fraud and Malware Protection. For more details, see the Security Information topic.

Opera’s Fraud and Malware Protection and your privacy

The server used for Opera’s Fraud and Malware Protection does not save your IP address or any other information related to your identity. There are no cookies related to the use of this feature. By default, Opera Fraud and Malware Protection is enabled. With Opera Fraud and Malware Protection enabled, he domain name of websites you visit is sent to Opera’s Fraud and Malware Protection server together with a hash of the domain name. HTTPS sites are checked via an encrypted channel, while IP addresses on the local intranet will never be checked.

Opera’s Fraud and Malware Protection server does not save your IP address or any other information related to your identity. There are no cookies or other session information. Anonymized, aggregated data pertaining to the most popular domains may however be stored in order to improve our products and services.

Disabling/Enabling Fraud and Malware Protection

Disabled or enabled Opera's Fraud and Malware Protection from Settings > Preferences > Advanced > Security by checking or unchecking “Enable Fraud and Malware Protection”.

Note: Once disabled, the browser does not make any contact with the server used for Opera's Fraud and Malware Protection.

Page 3 of 10

Return to: Guide to security and privacy in Opera — Topics