Skip Links

More ways to protect yourself from phishing

By Rob Griffiths, Macworld
August 07, 2008 10:08 AM ET

Macworld - In my recent Editors' Notes post on Consumer Reports' recommendation that Mac users dump Safari because the Apple browser lacks the anti-phishing tools of Firefox and Opera, I focused on behavioral changes one can make that minimize the risks of phishing attempts. I didn't, however, discuss a relatively simple configuration change you can make to your Mac that will give you a real anti-phishing tool--in Safari or any other browser you might want to use.

Consumer Reports touted Firefox or Opera over Safari because of the built-in anti-phishing tools in those first two browser; Safari has no such built-in capability. There is, however, a free service you can use that will give every browser on your Mac a full set of anti-phishing tools (and additional tools, if you choose to use them). This service is called OpenDNS, and it's a free replacement for your Internet service provider's (ISP) domain name servers.

So just what are domain name servers? A domain name server looks up addresses in the Domain Name System (DNS). In other words, a domain name server is the phone book for the Internet--it translates domain names (, for example) into Internet protocol (IP) addresses (, in the case of When you load a Web site, it's this IP address that's used to find the server, not the server's name you typed into the URL bar. Without the DNS, you'd have to know the IP address of any Web site you wanted to use--not a very practical method for browsing the Web.

By default, you are more than likely using the DNS servers provided by your ISP. These are typically included in the setup instructions you used when setting up your Internet connection. But just as there are many companies providing telephone books, there are many different DNS servers you can use--you aren't required to use the DNS servers provided by your ISP. OpenDNS is one such alternative "phone book," and it's one that comes with many features (most are optional) that you probably won't find in your ISP's DNS servers. One of those features is phishing protection, based on OpenDNS' PhishTank project. Once you've set your Mac to use OpenDNS' DNS servers, you get this protection automatically, in any application that uses DNS servers to resolve names.

 Note that OpenDNS is able to provide its services for free because it changes how your browser behaves when you enter a non-existent URL, say for If you enter that URL using your normal DNS servers, you'll get a standard "page not found" error message. If you load that URL using OpenDNS, however, you'll see the image at right (click the image for a larger version). The ads you see there are what help OpenDNS pay for its services. If the prospect of seeing such ads when you enter a bad URL concerns you, then you'll want to pass on this solution. For me, though, it's a small price to pay for an excellent free service.

Setting up OpenDNS

So how do you use OpenDNS in place of your ISP's DNS servers? The answer depends on which version of OS X you're using, how you connect to the Internet, and how your current DNS server information has been set. Answering this question for every version of OS X and every possible network configuration simply isn't possible in this space. Instead, I'll provide some generic configuration advice, a specific example, and a pointer to OpenDNS' own very usable installation instructions.

Our Commenting Policies
Latest News
rssRss Feed
View more Latest News