8.2 Block Reported Web Forgeries

Information

This setting can be configured to alert the user if they are visiting a known phishing website.

Rationale:

Enabling this feature helps mitigate the threat of phishing attacks.

Impact:

None - This is the default behavior.

Solution

To establish the recommended configuration, set browser.safebrowsing.phishing.enabled to true:

Type about:config in the address bar

Type browser.safebrowsing.phishing.enabled in the filter

Ensure the setting is set as prescribed.

OR

Open the mozilla.cfg file in the installation directory with a text editor

Add the following lines to mozilla.cfg:

lockPref('browser.safebrowsing.phishing.enabled', true);

Default Value:

True (Enabled).

See Also

https://workbench.cisecurity.org/files/4299

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-8

Plugin: Windows

Control ID: c9cd97540bfca721874e9716c2ad0d09a19812d8ee6640c5da42a0bc6c3a96ef