Apple's Safari browser a security risk?

If you're using Apple's Safari browser, PayPal has some advice for you: Drop it, at least if you want to avoid online fraud.

Safari doesn't make PayPal's list of recommended browsers because it doesn't have two important anti-phishing security features, according to Michael Barrett, PayPal's chief information security officer.

"Apple, unfortunately, is lagging behind what they need to do, to protect their customers," Barrett said in an interview. "Our recommendation at this point, to our customers, is use Internet Explorer 7 or 8 when it comes out, or FireFox 2 or Firefox 3, or indeed Opera."

Safari is the default browser on Apple's Macintosh Computers and the iPhone, but it is also available for the PC. Both Firefox and Opera run on the Mac.

Unlike its competitors, Safari has no built-in phishing filter to warn users when they are visiting suspicious Web sites, Barrett said. Another problem is Safari's lack of support for another anti-phishing technology, called Extended Validation (EV) certificates. This is a secure Web browsing technology that turns the address bar green when the browser is visiting a legitimate Web site.

When it comes to fighting phishing, "Safari has got nothing in terms of security support, only SSL, that's it," he said. Apple representatives weren't immediately available to comment on this story.

Click the Image above to read more