28 September 2006 | Author: R. Green
Microsoft shooting 'phish' with both barrels
The last two years have seen a dramatic rise in online security threats from many different sources - especially regarding the technique of 'phishing'. In May 2006, the Anti-Phishing Working Group reported that there was a 400% increase in the number of phishing sites over the year. However, a new report shows that IE7 contains some powerful tools to protect users.
Phishing is a serious type of internet fraud which tries to steal valuable information such as credit card and social security numbers, user IDs and passwords through the use of fake emails or websites that are designed to look similar to those of a legitimate organisation. Following years of stagnation from Microsoft - with Internet Explorer remaining untouched - a new Microsoft-sponsored study conducted by technical services company 3sharp indicates that the latest version of the browser, IE7 Beta three, has become one of the best products for successfully tackling this problem head on.
Phishing usually involves an email which purports to come from a well-known, reputable financial institution or an online shopping or auction site, and which requests that the recipient use a link that will then access a replica version of the trusted website. The victim will then be asked to enter their personal details, including security access codes, which can then be used by the scammers to access bank records, fraudulently use access logins, and so on.
In addition to testing IE7, seven other toolbar and browser solutions were tested, including products from EarthLink, eBay, Google Safe Browsing using Firefox, GeoTrust, McAfee SiteAdvisor, Netcraft, and Netscape. These products identify potentially fraudulent sites and aim to either block access or warn users before they enter them.
3sharp believe that this is the first time this type of public comparative test has been carried out - that is, with the use of genuine live online phishing URLs gathered from a variety of different e-mail sources to provide a more representative real-world test model.
The results placed IE7 beta three as the best performer for blocking 'phish', with the Netcraft toolbar close behind. The most successful product for warning users of possible threats without blocking them was the GeoTrust Trustwatch solution, which caught a staggering 99% of all the phishing sites used in the tests - although it also gave the most false positive warnings when accessing safe sites.
Tony Chor, MS Group Program Manager, said: "It's great to see so many companies looking for different ways to address the significant problem of phishing. We think that the results reported by 3Sharp validate the unique approach we've taken of combining a service-backed block list with client-side heuristics. That said, we understand that the threat posed by phishing is constantly evolving as are the tools designed to protect users, so this set of results represents only the relative performance during that period. We know we need to keep working to keep up with the changes in the attacks and are already using the results of this test to further improve the efficacy of the Phishing Filter."
While none of these products will eradicate the insidious, growing threat of phishing scams, they can provide a good level of protection when combined with some common sense and a cautious approach to all unsolicited email.