A Better Anti-Phishing Toolbar?

Saqib Ali asks: "There have been recent discussions on Security Focus mailing lists about several Anti Phishing Toolbars available for Firefox. Do Slashdot readers have any recommendations on which Anti Phishing toolbar to use, or on how to improve upon the existing ones?"

Re:Sticker

[MrNougat]

I've worked for a company with 1000 employees in 72 locations in the US. Financial services company. If that's not bureaucratic, I don't know what is.

I think, generally speaking, much time is spent trying to prevent social engineering attacks with technological methods. Phishing is not an attack against a technological resource; it's an attack against a person using technology. The weakness being exploited is in the person, not in the computer system. Trying to protect a computer system from phishing is like trying to protect a bank teller from being robbed. It's not the bank teller being robbed, it's the money in the bank. Sure, the bank teller is a conduit through which robbery can occur, and by that logic, protecting the bank teller will reduce the risk of robbery. But a better way is to protect the money by putting it in a vault. I don't know of any banks that don't have vaults.

Reducing people's weakness to phishing by telling them - over and over, or with a sticker - that no legitimate company will request personal information via email is like putting the bank's money in a vault.