New Anti-Phishing Test-AV Comparatives-August 2013

i can say i have recently seen eset blocking a TON of stuff web page wise and mostly legit with just a couple fp's. way more than i ever have before which is awesome. but i was surprised to see it #1 its been a while since ive seen my old fav at the #1 spot lol. nice job!! and great job forticlient for a free av its one of the best i have seen i just wish for more options and settings so i could eliminate it auto delete at times etc. and mcafee well its been scoring good lately but you still until proven in my own eyes have to pay me a lot of $$ to run it on my own pc's lol

 

Yup. Us Forticlient users got to stick together. We are endanger specie here on Wilders. Congrats Forti!!!

Hmmm... Hasn't happened to me in the new version. It automatically puts a file into a quarantine and then gives you an option to put it back in the main Virus window.

 

Congrats to the top scorers. Personally had higher expectations from EAM but its still good.

 

A legitimate website being turned into a phishing website is less likely than a legitimate website serving malicious content (i.e. through an ad provider).

This happens a lot more often than one would think. I am a very cautious browser (I barely go anywhere, frankly) but even just yesterday, Photobucket attempted to infect me through a malicious ad which we blocked.

 

What exactly did the malicious ad attempt to do, and was the phishing filter the one that blocked it?

 

It was a driveby infection. I think for most AVs, the phishing filter is the same as the overall malicious website filter.

 

Not in ESET's case, they categories websites based upon what was found, malware site, phisingsite, or potentially harmful website etc...

And if it's not block totally by the URL or IP blocker, it's a good chance the http scanner would have detected it while scanning the website content. I've seen it block threats in ads on websites several times.

But as you say, most vendors probably just show "malware found on blahblah.com access denied" or only "malware site". more or less

 

Yeah, think that is broadly how McAfee works - siteadvisor (built-in with McIS) usually does quite well in phishing tests which come around infrequently (annual on AV-C?). I have also seen siteadvisor block adverts and inform user that it is blocking content on the page which has been flagged as 'malicious', whilst not blocking the whole site.