New Anti-Phishing Test-AV Comparatives-August 2013

PDF:

http://www.av-comparatives.org/wp-content/uploads/2013/08/avc_aph_201308_en.pdf

Chart:

http://chart.av-comparatives.org/chart1.php?chart=chart3&year=2013&month=8&sort=1&zoom=1

 

Nice to see Emsisoft tested.
Nice job Eset.

 

AVG, Avira, Webroot are gone....

 

No Webroot! I would have really liked to see the results of Webroot. One of the reasons I use WSA is because of it's Bright Cloud technology. Good to see Eset, and Kaspersky doing really well. I recommend them both to friends, and family.

 

Webroot is not included in the test-series of 2013.
About the other ones, it was forgotten to write the following sentence in the report: "At the beginning of the year, we gave the vendors the opportunity to opt out of the Anti-Phishing test. AhnLab, AVG, AVIRA, Kingsoft and Tencent decided not to take part in this test."

 

Nice job ESET.

 

Yes, massive improvement on previous 2 years. Good to see ESET at the top of chart again.

 

Thanks for the clarification.

 

Looks like Qihoo could do better in this regard.
Oh well, I guess idiots who actually need anti phishing software should use TrafficLight.

 

IBK,


Will we be seeing any advanced Mac malware tests coming up in the future from your testing firm?

.

 

several tests / reports will be released in the next weeks, one covering also Mac.

 

Did Webroot say they did not want to take part in the test for 2013?

 

I happen to like phishing protection because I do not even want to waste my time reading their scams unless it is to report them. Many thousands of desperate people, and elderly people fall victim to fraud scams every year. I have seen many imposter websites that look almost identical to a popular bank website, or social network site. I have reported many of them.

 

I also like using phishing protection, thats why i ise K9 with qihoo. They are a amazing pair.

 

Any tests of K9 effectiveness against malware/phising?

 

Yes, the idiots and the ignorant.

The URL is always different; a clear telltale sign.

 

Not necessarily, the URL isn't always registered as clearly different and they can hack a legitimate website. Even if you just view the website, it's still possible to steal information and (rarely) exploit the system.

It's just a tool like any other, do you view all blacklisting (AV included) for the idiots and ignorants?

 

That's a different situation, where anti phishing software wouldn't help. Anti-exploit software would be necessary.

Malicious software is rarely blatantly malicious; phishing websites are extremely easy to spot.

 

Not really, anti-phishing software can know hacked websites before you and detect code from a malicious domain. Plus, the URL could just be realwebsite.com vs realwebsite.net (actual site), no exploits needed. And of course the usual IP, cookies, and other browser data can be viewed/set just by visiting the phishing site.

You've only seen the easy ones, partly because it's easier to make and to attract only the gullible. Then again, it may just be semantics.

 

Oh please, it's extremely unlikely that a reliable, renowned website be successfully injected with phishing code, and when it happens it is usually resolved quickly anyway.
And you shouldn't be putting your banking information on websites that aren't famous and reliable in the first place. When's the last time Amazon was hacked?

That's extremely easy to notice if you have an even partially functioning brain.

You'd have to visit the phishing site in the first place, which is usually the result of idiocy.

Nope, you're paranoid. I never run into phishing websites. I don't think I've ever seen any phishing emails either, and I'm on gmail with no additional Anti Spam software.

 

Now it's extremely unlikely instead of always, my point has already made across.

Only when paying attention to a website that you're familiar with the URL. Probably not enough disclose private info, but a visit to check it out is likely.

Ever heard of curiosity, redirects, and user error? All idiocy, right.

I was talking about what you've read and known of, not actual visits. All in all, stating that this is only for idiots is something that I don't agree on except when they're facts.

 

Looks like a Qihoo fan is desperately trying to bash the test.

 

In real-life usage, as long as you exercise a minimal degree of care, you're not going to run into any such website.
I've used BitDefender and Kaspersky, which always rank pretty high in tests like this, and have never received a single phishing alert, even though I literally visit at least one new website every day. My banking information is perfectly safe as well.

Let's face it, the vast majority of phishing attacks are due to (IT-wise) idiots who open fake emails supposedly from their banks' website, paypal etc.
That's what these anti phishing tools are designed to block.

The odds of running into a phishing website so elaborate that it does not require any stupidity on the user's part, bypasses all the browser's built in protections, AND of a phishing tool protecting the user against it (they'd most likely fall in the 1-2% of websites they don't detect), are so low that the discussion becomes a merely pointless theoretical one.

Only morons are "fans" of products.

 

For phishing protection, I prefer OpenDNS.

 

congrats forticlient lite