Firefox 2 beats IE7 at blocking phishing – report

Matt Whipp Read more October 7, 2009

Firefox 2 has the upper hand over IE7 when it comes to detecting and blocking access to phishing sites, according to a recent report.

The report found that Firefox 2 had a 78.85 per cent accuracy rate when using its local list of known phishing URLs, and 81.54 per cent when also checking against the blacklists run by Google.

In comparison, Microsoft’s IE7, which operates slightly differently, showed a 66.35 per cent accuracy rate when its autocheck phishing filter was turned on. This checks URLs against a database run by Microsoft, as well as running a set of heuristic tests on the target URLs. When the filter was turned off, then the IE7’s strike rate was a negligible 1.54 per cent.

The results also showed 243 instances where Firefox blocked sites when IE7 failed to do so, and 117 instances where the reverse was true. In all, some 65 of the 1,040 URLs were not clocked as dangerous by either of the browsers.

The report, undertaken by SmartWare, tested the browser rivals against a set of phishing sites used in Phishtank, a resource of identified and suspected phishing sources operated by antiphishing body OpenDNS.

It concluded that Firefox 2 ‘is more effective’ than IE7 at safeguarding the users from phishing sites.

Shortly before releasing IE7, Microsoft released a report showing that it is in fact IE7 which offers the best phishing protection. The report, conducted by 3Sharp, tested IE7 against seven other anti-phishing services, including Firefox with its Google plug-in turned on (but before the release of Firefox 2.0, note).

IE7 romped home with a score of 172 out of a possible 200. While the pool the services were tested against is markedly smaller than the SmartWare test, the 3Sharp project also tested for false-positives, i.e. whether legitimate sites were incorrectly identified as phishing sites.

NetCraft’s toolbar came a close second with a score of 168, while Firefox limped home in third with 106.

3Sharp’s Paul Robichaux responded to the SmartWare report, describing the findings as ‘meaningless’ without including data on false-positives. He also notes that although the study points out that IE7 includes warning as well as blocking features, data on whether or not IE7 warned against URLs was not included in the report.

Additionally, the 3Sharp report was carried out over a longer period of time and tested against multiple resources of phishing URLs as well as using more phishing services for comparison.

Others also suggest the SmartWare test might have been rigged, as the PhishTank pool of phishing URLs is already a plug-in for FireFox.

However, IE7’s phishing filter has also come in for criticism of quite another kind. Executives at European hosting company Strato told us that using IE7 in the Old World was slower: the phishing filter slows down browsing as it has to make a return transatlantic trip to Redmond to check the URL its about to display against Microsoft’s database.