Opera’s Fraud and Malware Protection

Opera’s Fraud and Malware Protection warns you about suspicious webpages and is enabled by default. It checks the page you request against several databases of known phishing and malware websites, called a blacklists. Although it is not possible to totally eliminate the risk of encountering an unidentified phishing or malware website, the risk is minimized.

Note that checking against the database does not delay the opening of webpages.


What is phishing?

The explosive growth of Internet commerce has given rise to a new breed of online criminals who may attempt to steal your passwords, your credit card numbers, and other personal information by impersonating authority figures from your bank or other institutions you frequent. The best defense against this growing threat is to be aware of the problem and to be alert when transacting business online.

Fraud of this kind is often called phishing, and in analogy to fishing, your private information is the catch. There is more than one kind of bait, but the most common type is email, apparently from your bank, coupled to a website resembling your bank’s — so precisely copied that you may not discern the difference. You will be encouraged to log in and “verify” your customer information: in other words, to reveal your password, credit card number, or other private data.

What is malware?

For the same reason that you have anti-virus software installed, you may want protection from websites that distribute viruses or other malicious software, collectively known as malware. The concept of malware encompasses not just viruses, but also scripts that may run automatically when you load a webpage.

How to use Fraud and Malware Protection information

With Opera Fraud Protection enabled, every webpage you request is subjected to phishing and malware filters. The security status of the page is displayed in a security bar in the address field. Indicators in this bar tell you about the level of security the protocol (HTTPS or HTTP) provides, the validity of the certificate, or whether it has been blacklisted.

A maximally secure site has the following features:

The table below describes the security bar indicators used in the Opera browser:

Security bar indicator Protocol Status
HTTPS Maximally secure site, with Extended Validation (EV)
HTTPS Secure site, where the credentials of the site owner have been checked
HTTPS HTTPS site with problems or where information is not available to enable verification
HTTP Normal site
Any Blacklisted site, with Fraud Site warning

Fraud warning

If a website is found on the blacklists, a warning page displays before the page is shown. You must decide whether to visit the questionable website, to return safely to the browser home page, or to read additional information about the status of the page. If you open a phishing or malware page, it will be marked with a red “Fraud Site” indicator, as shown in the table above.

Detailed security information

To display more detailed security information, including information about the website’s certificate, click the security bar. To view this information for any webpage, you can also select Page > Developer Tools > Page Security Info. In this dialog, you can also report a site as suspicious, or enable/disable Fraud Protection. For more details, see the Security Information dialog topic.

Opera’s Fraud and Malware Protection and your privacy

The server used for Opera’s Fraud and Malware Protection does not save your IP address or any other information related to your identity. There are no cookies related to the use of this feature. By default, Opera Fraud and Malware Protection is enabled. With Opera Fraud and Malware Protection enabled, he domain name of websites you visit is sent to Opera’s Fraud and Malware Protection server together with a hash of the domain name. HTTPS sites are checked via an encrypted channel, while IP addresses on the local intranet will never be checked.

Opera’s Fraud and Malware Protection server does not save your IP address or any other information related to your identity. There are no cookies or other session information. Anonymized, aggregated data pertaining to the most popular domains may however be stored in order to improve our products and services.

Disabling/Enabling Fraud and Malware Protection

Opera Fraud and Malware Protection can be disabled/enabled from Settings > Preferences > Advanced > Security by checking or unchecking “Enable Fraud and Malware Protection”.

Note: Once disabled, the browser does not make any contact with the server used for Opera's Fraud and Malware Protection.

Page 3 of 10

Return to: Guide to security and privacy in Opera — Topics