Most claims you read about security products come from the companies that make them. That’s understandable — but it’s also why independent evaluation matters so much. When researchers with no stake in the outcome put a tool through controlled tests and report what they find, the result carries a weight that marketing copy never can.
So we were glad to see SafeToOpen included in exactly that kind of study: an independent evaluation of how well browser extensions defend everyday users against spear-phishing and browser-based attacks.
What the researchers did
The study set out to answer a practical question: when a real phishing attack reaches someone’s browser, which extensions actually help? To test it under realistic conditions, the researchers built a controlled lab environment and ran live simulated attacks rather than relying on theory or vendor claims.
- Simulated spear-phishing — using the ZPhisher toolkit on Kali Linux to generate convincing phishing pages, the kind used to harvest credentials.
- Browser exploitation — using the BeEF (Browser Exploitation Framework) on Ubuntu to test attacks that target the browser itself.
- A head-to-head comparison — several different browser extensions were measured on how well they detected and blocked these attacks.
This matters because it mirrors how attacks actually unfold. A spear-phishing page doesn’t announce itself; it tries to look legitimate and capture what you type. The test measured whether each extension caught that behaviour in the moment.
What they found
Among the extensions evaluated, SafeToOpen was identified as an effective option for phishing detection. The researchers described the kind of behaviour that earns that result: proactively alerting users to threats and blocking malicious connections as the attack was attempted — a preferred option for phishing detection among those they tested.
That lines up with how SafeToOpen is designed to work. Rather than waiting for a phishing page to appear on a blocklist, it analyses each page in real time and warns you before you hand over anything sensitive.
See how it works
SafeToOpen Browser Security inspects each page as it loads and flags phishing in real time — including pages no blocklist has seen yet.
Explore Browser Security →Why this kind of evidence matters
Independent testing is one of the few ways to cut through the noise in security. Anyone can claim to stop phishing; far fewer claims survive a controlled test against live attacks. For people and businesses deciding what to trust with their browsing, an outside evaluation is a meaningful signal — not the only one, but a real one.
We’ll keep putting SafeToOpen in front of independent scrutiny, because protection should be proven, not just promised.
Read it yourself
We believe in pointing you to the source rather than asking you to take our word for it. You can read the full study, including its methodology and the other extensions evaluated, at the link in the sources below.