IE, Mozilla Teams Claim Anti-Phishing Crown
In an independent firm's test of the relative capability of the built-in anti-phishing filters for Mozilla Firefox 2.0 and Microsoft Internet Explorer 7, the Firefox filter was shown to be significantly more effective at detecting phishing sites. But Microsoft funded a separate study with far different results.
The sites used in the Mozilla test, conducted by Smartware Technologies, Inc., were selected from a list compiled by another independent firm: the trusted anti-phishing group PhishTank, which maintains a long list of more-than-suspicious sites, submitted by users in the field and tested for their lack of authenticity.
In a list of 1,040 known phishers supplied by the PhishTank group, 820 of the sites were blocked by Firefox 2.0 in its default state, while 848 sites were blocked with the browser's "Ask Google" assistance feature turned on. IE7, meanwhile, only managed to block 690 sites, in test results that Mozilla states were independently verified by security services firm iSEC Partners.
The Internet Explorer team, meanwhile, pointed to a separate study by 3Sharp, which rated IE7's built-in anti-phishing feature far above that offered in Firefox. Microsoft asked 3Sharp to conduct the study, which involved 100 live phishing sites that were gathered using four independent sources of data.
According to 3Sharp, IE7 caught nearly 9 out of 10 phishing sites and generated no warnings on the 500 valid sites tested. It scored 172 points on 3Sharp's scale, with the Netcraft Toolbar following closely behind at 168 points. Firefox -- with Google's anti-phishing technology -- recorded a score of only 106, landing it in third place.
"We think that the results reported by 3Sharp validate the unique approach we’ve taken of combining a service-backed block list with client-side heuristics," said IE program manager Tony Chor. "That said, we understand that the threat posed by phishing is constantly evolving as are the tools designed to protect users, so this set of results represents only the relative performance during that period."
Missing from yesterday evening's statement from Mozilla is the fact that PhishTank already produces an add-in for Firefox 2.0 called SiteChecker, which uses the entire PhishTank list for its anti-phishing capabilities. It would thus presumably be 100% effective against this same list of sites, were it tested alongside Firefox 2.0 without SiteChecker and IE7. (A similar add-in is not available for IE7.)
The SiteChecker add-in has been in development for some time, and was only released on November 3. The Smartware Technologies test, meanwhile, was conducted between October 19 and November 6, so SiteChecker's existence may not yet have been generally known.
Still, the PhishTank folks were hoping for a little more spotlight to come from yesterday's release of the test results. In a blog post on its company Web site, the group thanked Washington Post IT security correspondent Brian Krebs for mentioning it on the Security Fix blog, but also commented, "Aww...only one sentence. Oh, well."