Defend yourself and your organization against cybercrime with Netcraft’s browser extension for Chrome, Firefox, Edge, and Opera
Cybercrime protection, in your favorite browser
Beyond protection from threats already blocked by Netcraft, the extension allows for easy access to site information and to report suspicious sites in just a few clicks.
Download the extension today
The browser extension can be downloaded for free from your browser’s store by clicking on an icon below
Defend against cybercrime
The browser extension protects you against a wide range of malicious attacks, preventing you from accidentally visiting sites Netcraft has classified as malicious. You can report new threats to us directly from within the extension.
It’s easy to configure the level of protection by enabling or disabling different attack types in the extension options. You also get easy and quick access to a detailed report about the site’s technology and hosting provider, helping you to make informed choices.
What does the extension protect against?
Phishing sites are fraudulent websites that are designed to trick visitors into submitting details such as usernames, passwords, credit card information, or other personal data. They normally impersonate a legitimate organization, such as a bank, government department, online service provider, or email solution – perhaps even your employer. Any details you enter into phishing sites are collected by the site’s criminal creators.
Phishing sites are often distributed by email and SMS message. These messages can be very convincing, so it is important to exercise caution when following links from suspicious communications. Thankfully, Netcraft is a leading phishing feed provider and the Netcraft Extension checks all the websites you visit against our blocklist directly.
A fake shop is an online shop that claims to sell products, but either delivers counterfeit goods or not at all. They are hosted with the objective of capturing the user’s payment information and personal data for future fraud, and in some cases even directly take payment from the user.
The Netcraft Extension protects users by warning them when they attempt to visit a known fake shop.
Some websites use your computer’s processing power to generate digital currency without your consent, using your electricity and slowing down your device while you are on the site. Miners can greatly reduce the battery life of portable devices while running. They can also cause increased fan noise, and over long periods of time may even reduce the lifespan of the device.
The miner may be an intentional feature of the website, or it may be injected by criminals. The Netcraft Extension protects users by blocking known cryptocurrency mining scripts from running.
Cross Site Scripting (XSS)
XSS attacks are malicious scripts hidden in links to legitimate websites. When the link is followed, the code runs on the destination web page. XSS attacks can be used to hijack your session, giving the attacker access to your account on a website. They can also make unauthorized actions on your behalf, steal your information, and much more.
The Netcraft Extension has built-in protection against XSS which is capable of detecting and blocking attacks.
Frequently Asked Questions
The Netcraft Extension provides comprehensive site information and cybercrime protection when browsing the web. Users can also use the extension to report URLs they believe to be malicious to Netcraft.
No — Netcraft has no way of knowing which pages an individual user visits when using the Extension. We do, however, collect the hostnames of the websites visited by our users in order to provide website popularity ranking information. In order to protect the privacy of organizations’ internal networks, the Netcraft Extension does not transmit information about sites on IANA private addresses.
Go to the options page of the extension (usually located in your browser’s Extensions Manager) and disable blocking for shopping site skimmers, web miners, other malicious scripts and credential leaks. Note that this also disables protection against these scripts and credential leaks.
- The Firefox Extensions Manager can be found at Firefox Menu > ‘Add-ons’ > ‘Extensions’.
- The Chrome Extensions Manager can be found at Google Chrome Menu > ‘More tools’ > ‘Extensions’.
- The Opera Extensions Manager can be found at Opera Menu > ‘Extensions’ > ‘Manage Extensions’.
- The Edge Extensions Manager can be found at Options Menu > ‘Extensions’ > ‘Netcraft Extension’ > ‘Remove’.
The Netcraft Extension is available for Mozilla Firefox, Google Chrome, Opera, and Microsoft Edge.
Go to the options page of the extension (usually located in your browser’s Extensions Manager) and disable the ‘Allow analytics’ option.
The Firefox Extensions Manager can be found at Firefox Menu > ‘Add-ons’ > ‘Extensions’.
The Chrome Extensions Manager can be found at Google Chrome Menu > ‘More tools’ > ‘Extensions’.
The Opera Extensions Manager can be found at Opera Menu > ‘Extensions’ > ‘Manage Extensions’.
The Edge Extensions Manager can be found at Options Menu > ‘Extensions’ > ‘Netcraft Extension’ > ‘Remove’.
There are several reasons why you may receive a warning about a website you know to be harmless. The Extension has several built-in safety checks that will alert you if a URL contains suspicious characters, or a page is possibly susceptible to Cross-Site Scripting (XSS) attacks. In these cases, if you are sure that the website poses no threat, you can ignore the warning by clicking ‘Visit anyway’ on the block page. If you believe that the Extension has incorrectly classified a safe site as malicious, you can let us know by using the ‘Report mistake’ link on the block page. You can also access the form directly. The Extension will only ever warn you about suspicious websites by displaying a warning dialog; it will never cause the site to stop responding or display a ‘file not found’ page. Please be certain that the Extension is displaying such a warning before contacting us.
The Risk Rating displayed by the Netcraft Extension offers a further level of protection against new sites that are not yet in Netcraft’s database. A lower risk rating is better as it indicates lower risk. Although some sites contain entirely benign content, the Netcraft Extension may assign a high Risk Rating because it could be hosted under a newly registered domain, the site may have never been seen in the Netcraft Web Server Survey before, or the network hosting the site may have hosted a number of fraud sites in the past. Many other factors are also taken into account. Hosting a website on an unusual port number will also increase the Risk Rating, as will hosting a site from a raw IP address, as many phishing sites employ this tactic. The Risk Rating can be calculated fast enough to be performed for arbitrary sites as people visit them, and does not rely on manual categorization.
‘New Site’ means the site you are currently visiting has not been seen before by the Netcraft Web Server Survey. This indicates that the site is very new and should be considered less trustworthy than other sites, since most phishing sites spring up overnight and disappear just as quickly.
The Extension displays the location of a site’s IP address based on the information provided by your computer. If your local DNS cache was ‘poisoned’ such that the website pointed to an IP address located in Russia, then the Extension would report the site as being located in Russia.
The Netcraft Extension functions correctly with ordinary web proxies. Internet Service Providers (ISPs) using transparent proxies to route your web page requests could cause the Extension to report a website as belonging to your ISP, however, this is quite a rare occurrence.
Credential leak detection is one of the techniques the extension uses to detect shopping site skimmers. When your browser sends a request, the extension checks to see if you’ve entered any sensitive data (such as a credit card number or a password) into the web page. If you have, the extension inspects the outgoing request. If the request is sending the details you entered to a different domain (for example, from a netcraft.com web page to example.com) then this indicates a potential skimming attack. The request is blocked to protect your private information, and you are shown a block page notifying you of the attack. The infected page is also automatically reported to Netcraft.
Want to protect your other platforms?
We also have apps to help protect you from phishing for your mail and mobile.