Internet Explorer has the worst phishing catch rate of all major browsers


A new report by security research firm NSS Labs looks at the comparative performance of popular browsers when it comes to blocking phishing attacks. Over a 12-day test period the average phishing catch rate ranged from 96 percent for Firefox 19 to only 83 percent for Internet Explorer 10.

Of the other big three, Chrome 25 scored 92 percent, Safari 5 managed 95 percent, and Opera 12 scored 89 percent. Chrome, Firefox and Safari all make use of Google’s Safe Browsing API so it’s unsurprising that they scored within a few points of each other. Microsoft uses its own SmartScreen technology in IE, whereas Opera uses a combination of blacklists from Netcraft, PhishTank and TRUSTe.

The average block rate across all of the tested browsers is 90.1 percent, down almost 2 percent on the previous year’s average, although those using the Google Safe Browsing API performed slightly better than last year.

What’s also interesting is the amount of time it takes for a new phishing site to be blocked. As these sites only have an average lifespan of 26 hours it’s vital that they’re detected and blocked quickly. Once again IE 10 turns in disappointing results, taking on average 2.55 hours to block a new site. Safari and Firefox do best here taking 0.5 and 0.7 hours respectively, whilst Chrome at 1.68 hours is around the all browser average. Opera scores just ahead of IE with 2.47 hours.

All of the NSS tests were carried out on a PC running Windows 8 Enterprise with the latest version of each browser available on each day of the test. The full methodology is available on the NSS website.


About Author