AV Comparatives Latest Phishing Test

[FreddyFreeloader]

[/img]

http://www.av-comparatives.org/wp-content/uploads/2013/08/avc_aph_201308_en.pdf

 

[Nedim]

Thanks...Good job ESET!

 

[imsoadude]

Wow avast is almost at the bottom thats surprising

 

[FreddyFreeloader]

Here's my thoughts on phishing sites----if you can't tell if a site is legit or if it's a phishing url - you may be an idiot.

 

[Ink]

Exactly, and that's why you don't need AV software to check for Phishing pages.

 

[FreddyFreeloader]

Exactly, and that's why you don't need AV software to check for Phishing pages.

Just got an e-mail from my bank (supposedly) with a link to click for a new service they were offering, but the link didn't have a secure connection. I sent the e-mail w/link to my bank security people, about an hour later they wrote back and confirmed it was a phishing site. In the meantime, that phishing e-mail has automatically deleted itself from my mailbox.

 

[Littlebits]

I will have to agree with you guys, I never considered it to be the job of security products to detect phishing websites. There are plenty of browser add-ons that can do a much better job along with some common sense.

Most phishing sites are so obvious that someone would either have to be blind or just not paying attention to fall for them.

Thanks.

 

[MrXidus]

Avast proudly advertises that it protects against many various phishing attacks on it's front page.

Yet that result from Avast shows otherwise, a gap of even that size can allow alot of money and details to be stolen from victims.

Here's my thoughts on phishing sites----if you can't tell if a site is legit or if it's a phishing url - you may be an idiot.

One thing to be aware of is our old folks aren't as tech savvy as we are and those are usually the ones that would fall victim to this.
There is no way they could be fully aware of all these different phishing tactics and know how to spot and protect themselves from it unless you personally gave your old folks a long lesson about online security.
Simply installing internet security software to magically take care of threats is not enough. People need to be educated about these things.

“A mistake is a crash-course in learning.”

Don't let them learn the hard way, help them out if you can.

 

[FreddyFreeloader]

Simply installing internet security software to magically take care of threats is not enough. People need to be educated about these things.

“A mistake is a crash-course in learning.”

Don't let them learn the hard way, help them out if you can.

Well, if you buy into the results of this test, you ought to buy them ESET, Kaspersky.

 

[FreddyFreeloader]

[/img]
http://www.av-comparatives.org/wp-content/uploads/2012/12/avc_phi_browser_201212_en.pdf
Opera uses Phishtank for it's phish filter.

 

[MrXidus]

Well, if you buy into the results of this test, you ought to buy them ESET, Kaspersky.

I always take these tests with a grain of salt, I was figuratively speaking by the test of numbers shown if you were to buy into the results.

The real foolish thing to do would be buying them security software and leaving it to set and forget thinking that the software will do all the work providing 100% protection when it won't.

The best (and free) solution to this is knowledge to teach the non-tech savvy folks about online security as no software will ever do better than that.

Thanks.

 

[Littlebits]

Opera Fraud Protection offers the most extensive protection against phishing, doing a triple check of sites against phishing blacklists from Netcraft, PhishTank, and Haute Security.

Its main detection comes from Netcraft which has proven to be more effective on testing sites. PhishTank is now a part of OpenDNS and is included if you use OpenDNS as your service.

Netcraft Toolbar can be added to Chrome and Firefox. Netcraft's detection is already added to IE v.7 and above as a part of Microsoft Phishing Filter which is now called SmartScreen already included on Windows 8 to support all browsers.

I seriously doubt that SmartScreen was used on this test. It was probably disabled to only test the security products.

http://antivirus.about.com/od/freeantivirussoftware/tp/phishingfilter.htm
http://en.wikipedia.org/wiki/Netcraft

Enjoy!!

 

[Ink]

For PC, I'll stick with what I said before. However for Tablets/Mobile devices, it may be useful as the browser doesn't really indicate much about the site you're visiting (except the Address bar).
http://blog.trendmicro.com/trendlabs-security-intelligence/mobile-phishing-attack-asks-for-users-government-ids/

It's recommended to Bookmark frequently visited sites, as suggested in the link above.

 

[FreddyFreeloader]

Or, you can use your banks app, just get it from the Google store, Apple store.

 

[Littlebits]

I just wonder if AV-Comparatives did test SmartScreen which uses technologies from Netcraft and Microsoft Malware Research Center, if it would have scored better then ESET. AV-Comparative never seem to test Windows default security components. If SmartScreen did do better then the rest then it would render these paid product not as effective.

In the past, I have read on several testing sites how Netcraft had the best phishing detection. http://news.netcraft.com/archives/2007/02/07/netcraft_toolbar_ranks_best_in_thirdparty_testing.html

Enjoy!!

 

[Ink]

Potentially unsafe? Wouldn't your logins would be saved per loading the app. Making out that if you device was stolen someone has access to view-only your account details. I haven't used or bothered with a Bank app, because it's unsafe (IMO).

Or, you can use your banks app, just get it from the Google store, Apple store.

 

[FreddyFreeloader]

Potentially unsafe? Wouldn't your logins would be saved per loading the app. Making out that if you device was stolen someone has access to view-only your account details. I haven't used or bothered with a Bank app, because it's unsafe (IMO).

Or, you can use your banks app, just get it from the Google store, Apple store.

You can password apps. I'll go one better, don't use a tablet or smart phone for any financial transactions.