BWW Geeks World

NSS Labs Tests Reveal That Nearly 90% of Consumers Are Inadequately Protected Against Phishing Attacks by End Point Protection Solutions

Related: Security, News
NSS Labs Tests Reveal That Nearly 90% of Consumers Are Inadequately Protected Against Phishing Attacks by End Point Protection Solutions

NSS Labs today released the latest Comparative Analysis Report from its 2013 Group Test for Consumer End Point Protection (EPP), which evaluated 13 leading EPP solutions and their ability to block threats such as exploits, malware and phishing. Phishing attacks represent some of the most common and impactful security dangers consumers face today and NSS' tests suggest many users' EPP products may be providing a false sense of security against these risks.

View the NSS Labs 2013 Consumer End Point Protection Comparative Analysis Report - Phishing.

Based on Market Share, over 90% of Consumers are Inadequately Protected
The top two performers in NSS' test, Trend Micro and Kaspersky, were the only tested products with block rates of over 70% and only account for ~9% of the global end point security software market according to September 2012 OPSWAT report. This leaves over 90% of the market severely under-protected -- and in some cases, virtually unprotected -- from phishing attacks, which can have disastrous consequences for end users. NSS phishing test results yielded several key conclusions:

  • Protection levels vary widely between vendors: Protection levels ranged from 3% at the lowest end (Norman) to 92% at the highest (Trend Micro).
  • Web browsers should be the first line of defense against phishing: Modern Web browsers now offer 90% to 94% protection against phishing according to NSS tests. Browser makers' security progress allows users running their latest versions to benefit from an extra layer of anti-phishing protection. Consumers should still take time to understand more about phishing and best practices for avoiding phishers' increasingly deceptive attacks.
  • Timing is everything: The average time it takes an EPP product to block a new type of phishing attack is critical to overall protection. With phishing attacks having an average lifespan of only 23 hours, effective EPP solutions must identify and begin blocking attacks immediately. Only 2 of the 13 vendors tested, Trend Micro and Kaspersky, were as fast (or faster) than the Web browsers NSS tested at recognizing and adding phishing protection. Both took around 4 - 4.5 hours to block, while the top two web browsers took 2.35 hours and 5.38 hours, respectively.
  • Look for balanced protection: Consumers evaluating EPP solutions should consider a product's ability to block against exploits and socially engineered malware, beyond considering anti-phishing performance alone. These general detection capabilities are essential and complement browser-based security.

Commentary: NSS Labs Research Director Randy Abrams
"The change in the security landscape over the past few years is stark. Web browsers were once the Typhoid Mary that stressed antivirus solutions to the breaking point. However, recent NSS tests of browsers and AV products reveal that the leading browsers are now full fledged partners with antivirus in the fight against phishing and are generally doing a better job of protecting against phishing attacks than end point security suites," said Randy Abrams, Research Director at NSS Labs. "The generally low protection against phishing offered by antivirus suites would be cause for serious concern if the leading browsers weren't doing as well as they are at blocking such attacks."

Related Links
Stroock Wins Unanimous Decision for Middle-Class Residents of Trump Village 3, Inc.Stroock Wins Unanimous Decision for Middle-Class Residents of Trump Village 3, Inc.
December 18, 2014
Market for NFV, SDN, HetNet & Wireless Network Infrastructure 2015 - 2020 Analysis and ForecastMarket for NFV, SDN, HetNet & Wireless Network Infrastructure 2015 - 2020 Analysis and Forecast
December 18, 2014
All Covered Acquires Assets of 2 Detroit-Based IT Services CompaniesAll Covered Acquires Assets of 2 Detroit-Based IT Services Companies
December 18, 2014
EnterpriseDB Partners With New Investor Team to Fund Aggressive Growth Strategy EnterpriseDB Partners With New Investor Team to Fund Aggressive Growth Strategy
December 18, 2014
New Bluetooth Core Specification 4.2 Makes Major Leap Forward With Advancements for the Internet of Things; Also Adds Privacy, Security, and Speed Enhancements New Bluetooth Core Specification 4.2 Makes Major Leap Forward With Advancements for the Internet of Things; Also Adds Privacy, Security, and Speed Enhancements
December 18, 2014


About Author

Subscribe to Author Alerts


Become a Fan, Follower & Subscriber

   
Advertisement