BWW Geeks World

NSS Labs Tests Reveal That Nearly 90% of Consumers Are Inadequately Protected Against Phishing Attacks by End Point Protection Solutions

Related: Security, News
NSS Labs Tests Reveal That Nearly 90% of Consumers Are Inadequately Protected Against Phishing Attacks by End Point Protection Solutions

NSS Labs today released the latest Comparative Analysis Report from its 2013 Group Test for Consumer End Point Protection (EPP), which evaluated 13 leading EPP solutions and their ability to block threats such as exploits, malware and phishing. Phishing attacks represent some of the most common and impactful security dangers consumers face today and NSS' tests suggest many users' EPP products may be providing a false sense of security against these risks.

View the NSS Labs 2013 Consumer End Point Protection Comparative Analysis Report - Phishing.

Based on Market Share, over 90% of Consumers are Inadequately Protected
The top two performers in NSS' test, Trend Micro and Kaspersky, were the only tested products with block rates of over 70% and only account for ~9% of the global end point security software market according to September 2012 OPSWAT report. This leaves over 90% of the market severely under-protected -- and in some cases, virtually unprotected -- from phishing attacks, which can have disastrous consequences for end users. NSS phishing test results yielded several key conclusions:

  • Protection levels vary widely between vendors: Protection levels ranged from 3% at the lowest end (Norman) to 92% at the highest (Trend Micro).
  • Web browsers should be the first line of defense against phishing: Modern Web browsers now offer 90% to 94% protection against phishing according to NSS tests. Browser makers' security progress allows users running their latest versions to benefit from an extra layer of anti-phishing protection. Consumers should still take time to understand more about phishing and best practices for avoiding phishers' increasingly deceptive attacks.
  • Timing is everything: The average time it takes an EPP product to block a new type of phishing attack is critical to overall protection. With phishing attacks having an average lifespan of only 23 hours, effective EPP solutions must identify and begin blocking attacks immediately. Only 2 of the 13 vendors tested, Trend Micro and Kaspersky, were as fast (or faster) than the Web browsers NSS tested at recognizing and adding phishing protection. Both took around 4 - 4.5 hours to block, while the top two web browsers took 2.35 hours and 5.38 hours, respectively.
  • Look for balanced protection: Consumers evaluating EPP solutions should consider a product's ability to block against exploits and socially engineered malware, beyond considering anti-phishing performance alone. These general detection capabilities are essential and complement browser-based security.

Commentary: NSS Labs Research Director Randy Abrams
"The change in the security landscape over the past few years is stark. Web browsers were once the Typhoid Mary that stressed antivirus solutions to the breaking point. However, recent NSS tests of browsers and AV products reveal that the leading browsers are now full fledged partners with antivirus in the fight against phishing and are generally doing a better job of protecting against phishing attacks than end point security suites," said Randy Abrams, Research Director at NSS Labs. "The generally low protection against phishing offered by antivirus suites would be cause for serious concern if the leading browsers weren't doing as well as they are at blocking such attacks."

Related Links
PwC Submits Bid to Department of Defense Healthcare Management Systems Modernization Program featuring Open Source EHR SystemPwC Submits Bid to Department of Defense Healthcare Management Systems Modernization Program featuring Open Source EHR System
October 31, 2014
Black Hat Regional Summit 2014 Returns to Brazil, Brings Hacks of Mobile Devices, Payment Systems, Passwords and MoreBlack Hat Regional Summit 2014 Returns to Brazil, Brings Hacks of Mobile Devices, Payment Systems, Passwords and More
October 31, 2014
Garnero Group Acquisition Company Enters Into Agreement to Acquire Majority Ownership Stake In WISeKeyGarnero Group Acquisition Company Enters Into Agreement to Acquire Majority Ownership Stake In WISeKey
October 31, 2014
USA TODAY to Deliver Innovative, Interactive Election CoverageUSA TODAY to Deliver Innovative, Interactive Election Coverage
October 31, 2014
Online Banking Solutions Leverages Wearable Technology for Mobile Commercial Online BankingOnline Banking Solutions Leverages Wearable Technology for Mobile Commercial Online Banking
October 31, 2014


About Author

Subscribe to Author Alerts


Become a Fan, Follower & Subscriber