NSS Labs Tests Reveal That Nearly 90% of Consumers Are Inadequately Protected Against Phishing Attacks by End Point Protection Solutions

Related: Security, News

NSS Labs Tests Reveal That Nearly 90% of Consumers Are Inadequately Protected Against Phishing Attacks by End Point Protection Solutions

NSS Labs today released the latest Comparative Analysis Report from its 2013 Group Test for Consumer End Point Protection (EPP), which evaluated 13 leading EPP solutions and their ability to block threats such as exploits, malware and phishing. Phishing attacks represent some of the most common and impactful security dangers consumers face today and NSS' tests suggest many users' EPP products may be providing a false sense of security against these risks.

View the NSS Labs 2013 Consumer End Point Protection Comparative Analysis Report - Phishing.

Based on Market Share, over 90% of Consumers are Inadequately Protected
The top two performers in NSS' test, Trend Micro and Kaspersky, were the only tested products with block rates of over 70% and only account for ~9% of the global end point security software market according to September 2012 OPSWAT report. This leaves over 90% of the market severely under-protected -- and in some cases, virtually unprotected -- from phishing attacks, which can have disastrous consequences for end users. NSS phishing test results yielded several key conclusions:

  • Protection levels vary widely between vendors: Protection levels ranged from 3% at the lowest end (Norman) to 92% at the highest (Trend Micro).
  • Web browsers should be the first line of defense against phishing: Modern Web browsers now offer 90% to 94% protection against phishing according to NSS tests. Browser makers' security progress allows users running their latest versions to benefit from an extra layer of anti-phishing protection. Consumers should still take time to understand more about phishing and best practices for avoiding phishers' increasingly deceptive attacks.
  • Timing is everything: The average time it takes an EPP product to block a new type of phishing attack is critical to overall protection. With phishing attacks having an average lifespan of only 23 hours, effective EPP solutions must identify and begin blocking attacks immediately. Only 2 of the 13 vendors tested, Trend Micro and Kaspersky, were as fast (or faster) than the Web browsers NSS tested at recognizing and adding phishing protection. Both took around 4 - 4.5 hours to block, while the top two web browsers took 2.35 hours and 5.38 hours, respectively.
  • Look for balanced protection: Consumers evaluating EPP solutions should consider a product's ability to block against exploits and socially engineered malware, beyond considering anti-phishing performance alone. These general detection capabilities are essential and complement browser-based security.

Commentary: NSS Labs Research Director Randy Abrams
"The change in the security landscape over the past few years is stark. Web browsers were once the Typhoid Mary that stressed antivirus solutions to the breaking point. However, recent NSS tests of browsers and AV products reveal that the leading browsers are now full fledged partners with antivirus in the fight against phishing and are generally doing a better job of protecting against phishing attacks than end point security suites," said Randy Abrams, Research Director at NSS Labs. "The generally low protection against phishing offered by antivirus suites would be cause for serious concern if the leading browsers weren't doing as well as they are at blocking such attacks."




More On: Security, News



Comment & Share

Related Links
NTT Communications Celebrates 4th State-of-the-Art Data Center in CyberjayaNTT Communications Celebrates 4th State-of-the-Art Data Center in Cyberjaya
April 22, 2014
SanDisk Announces 15 Nanometer Technology, World's Most Advanced NAND Flash Manufacturing NodeSanDisk Announces 15 Nanometer Technology, World's Most Advanced NAND Flash Manufacturing Node
April 22, 2014
Mobile Messaging - The Next-generation Global Social NetworksMobile Messaging - The Next-generation Global Social Networks
April 22, 2014
Mobile Messaging - The Next-generation Global Social NetworksMobile Messaging - The Next-generation Global Social Networks
April 22, 2014
Is that a Wig? Bitcoin Provides Anonymity Important to Niche BuyersIs that a Wig? Bitcoin Provides Anonymity Important to Niche Buyers
April 22, 2014


About Author

Subscribe to Author Alerts

Subscribe for News & Specials