Posted on Friday, September 29 2006 @ 15:47 CEST by Thomas De Maesschalck
Paul Robichaux, senior partner at 3Sharp, has more than 20 years' experience as a software developer, messaging architect, and system administrator. "Over the last few years", he points out, "phishing has become a much bigger problem. Phishers have become more sophisticated-and brazen-in their attacks, and they're getting better at fooling people."
Robichaux says, "Early phish were pretty rudimentary, but today's phish are often very realistic, and they're getting better all the time. To protect users from this dynamic threat, our study results show that the best browser-based anti-phishing protection offered today uses a combination of heuristics and a broad set of regularly updated data sources."
To gain perspective on the technologies available and their effectiveness in protecting consumers from these increased risks, 3Sharp conducted a study commissioned by Microsoft called Gone Phishing: Evaluating Anti-Phishing Tools for Windows. The study offers the industry and consumers a more quantitative understanding of anti-phishing technology effectiveness. This study was designed to go beyond the common practice of citing anecdotal conclusions based on a handful of test phishing sites. "We believe that this is the most comprehensive public study to date of how well anti-phishing technologies work against live phish," said Robichaux.
3Sharp's methodology creates a composite score for each technology based on both its accuracy in catching real phishing websites and its error rate in incorrectly blocking legitimate websites. The overall results of these tests show that Internet Explorer 7 Beta 3 with Phishing Filter had the best overall accuracy, resulting in an overall composite score of 172 out of a possible 200. The Netcraft Toolbar was close behind Internet Explorer 7 with a composite score of 168.
Following Netcraft there was a significant gap in terms of overall effectiveness: the third-place technology scored 106 of a possible 200, while the last-place technology scored 3 of 200 Other phishing technologies analyzed include (in alphabetical order) EarthLink ScamBlocker, the eBay Toolbar, GeoTrust TrustWatch, Google Safe Browsing on Firefox, McAfee SiteAdvisor, and Netscape Browser.
The results of the study are highlighted below:
3Sharp's goal was to evaluate each anti-phishing technology based on the principle that effectiveness of anti-phishing technologies needs to balance two critical goals: protecting the user through high accuracy in warning and blocking known phish, and ensuring a low rate of mistakes - or false warnings and blocks - on legitimate websites. 3Sharp did this by testing each technology against the same independent list of 100 phish, collected and updated daily from several well-known industry e-mail sources between May and July 2006. 3Sharp also tested each technology against 500 known-good legitimate websites and scored the results to develop the composite effectiveness score. Blocking a site correctly scored twice as much as just warning on a site, while incorrectly blocking or warning on legitimate sites resulted in similar point deductions, and a mathematical formula was used to calculate overall accuracy.1. Internet Explorer 7 Beta 3 RC3 with Microsoft Phishing Filter with a score of 172 points 2. Netcraft Toolbar with a score of 168 3. Google Safe Browsing on Firefox with a score of 106 4. eBay Toolbar with a score of 92 5. Earthlink ScamBlocker with a score of 76 6. GeoTrust TrustWatch with a score of 67 7. Netscape 8.1 with score a of 56 8. McAfee Site Advisor with a score of 3
