IE 7.0 and Firefox 2.0 Both Have New Antiphishing Technologies

This week Microsoft released the long awaited Internet Explorer 7.0. This latest incarnation introduces some new features that have been present in other browsers for quite some time, such as tabbed browsing panes, integrated search, and an RSS reader. IE 7.0 also comes with some improvements to security, most notably integrated antiphishing technology.

Also released this week is Mozilla Firefox 2.0, which comes after a series of rapidly published release candidates.The new version includes enhancements to tabbed browsing, better support for RSS feeds, antiphishing technology, and other new features.

Antiphishing technology is of ever-growing importance for browsers. The Anti-Phishing Working Groups's May 2006 report on phishing trends shows that phishing has increased 400 percent over the last 12 months.

3Sharp recently conducted a test, commissioned by Microsoft, of several antiphishing technologies to determine which technologies perform best. While the company's tests were well-rounded, their final scores were weighted towards technologies that completely block access to phishing sites as opposed to those that only provide a warning that a site might be meant for phishing.

In the weighted outcome, IE 7.0 fared the best of all products. However when the tests were unweighted, GeoTrust TrustWatch performed the best, catching 99 percent of all phishing sites tested. But that success rate does come with what some people might perceive as a downside.

A spokesperson for 3Sharp said in the report, "When we examined the raw block and warn rates, we found that GeoTrust's solution had the highest catch rate, followed by IE 7.0 and Netcraft. However, the GeoTrust solution only warns users; it doesn't block them from accessing known phishing sites. In addition, GeoTrust made the most mistakes when evaluating known good sites, which hurt its overall composite score."

Since GeoTrust's solution warns users instead of blocking access to a site completely, some might see TrustWatch's false positive rate as a small price to pay in exchange for the high positive detection rate. The only other solution to produce false positives in 3Sharp's tests was Earthlink ScamBlocker, which had a 1.6 percent false positive rate compared to GeoTrust's 32.2 percent rate.

Products tested by 3Sharp include IE 7.0 Beta 3, Earthlink ScamBlocker, eBay Toolbar with AccountGuard, GeoTrust TrustWatch, Google Toolbar for Firefox with Safe Browsing, McAfee Site Advisory, Netcraft Toolbar, and Netscape Browser with built-in antiphishing technology. Firefox 2.0 with its built-in antiphishing technology wasn't tested.

Disclosure statement: Paul Robichaux, a founding partner at 3Sharp, is also a writer for Windows IT Pro magazine.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.