Anti-phishing software
Anti-phishing software consists of
Most popular
Password managers can also be used to help defend against phishing, as can some mutual authentication techniques.
Types of anti-phishing software
Email security
According to Gartner, "email security refers collectively to the prediction, prevention, detection and response framework used to provide attack protection and access protection for email." Email security solution may be : Email security spans gateways, email systems, user behavior, content security, and various supporting processes, services and adjacent security architecture.[3]
Security awareness computer-based training
According to Gartner, security awareness training include one or more of the following capabilities: Ready-to-use training and educational content, Employee testing and knowledge checks, Availability in multiple languages, Phishing and other social engineering attack simulations, Platform and awareness analytics to help measure the efficacy of the awareness program.[4]
Notable client-based anti-phishing programs
- avast!
- Avira Premium Security Suite
- EarthlinkScamBlocker (discontinued)
- eBay Toolbar
- Egress Defend [5]
- ESET Smart Security
- G Data SoftwareG DATA Antivirus
- GeoTrust TrustWatch
- Google Safe Browsing (used in Mozilla Firefox, Google Chrome, Opera, Safari, and Vivaldi)
- Kaspersky Internet Security (discontinued)
- Kaspersky Anti-Virus (discontinued)
- SiteAdvisor
- Microsoft SmartScreen (used in Microsoft Edge, Internet Explorer, and Microsoft Outlook)
- Mozilla Thunderbird
- Netcraft Toolbar
- Netscape
- Norton 360
- Norton Internet Security
- PhishTank SiteChecker
- Quick Heal
- Windows Mail - default Windows Vistae-mail client
- WOT (Web Of Trust)- browser extension
- ZoneAlarm
Service-based anti-phishing
Anti-phishing effectiveness
An independent study
Another study,[7] conducted by SmartWare for Mozilla and released November 14, 2006, concluded that the anti-phishing filter in Firefox was more effective than Internet Explorer by over 10%. The results of this study have been questioned by critics,[8] noting that the testing data was sourced exclusively from PhishTank, which itself is an anti-phishing provider. The study only compared Internet Explorer and Firefox, leaving out (among others) Netcraft Toolbar and the Opera browser, both of which use data from PhishTank in their anti-phishing solutions. This has led to speculations that, with the limited testing data, both Opera and Netcraft Toolbar would have gotten a perfect score had they been part of the study.[9]
While the two directly aforementioned reports were released only one day apart, Asa Dotzler, Director of Community Development at Mozilla, has responded to the criticism of the Mozilla-commissioned report by saying, "so you're agreeing that the most recent legitimate data puts Firefox ahead. Good enough for me."[10]
Since these studies were conducted, both
See also
- Mutual authentication
- Two-factor authentication - note: almost all two-factor techniques are also susceptible to phishing.[11]
References
- ISSN 2662-995X.
- ^ Aleksandersen, Daniel (16 August 2016). "Most of the alternate web browsers don't have fraud and malware protection". Slight Future. Retrieved 25 August 2016.
- ^ Gartner Inc. "Best Email Security Reviews 2023 | Gartner Peer Insights". Gartner. Retrieved 2023-07-18.
- ^ Gartner Inc. "Best Security Awareness Training Software Reviews 2023 | Gartner Peer Insights". Gartner. Retrieved 2023-07-18.
- ^ Egress Defend
- ^ "Phinding Phish: An Evaluation of Anti-Phishing Toolbars" (PDF). Archived from the original (PDF) on 2010-06-10. Retrieved 2008-05-25.
- ^ "Firefox 2 Phishing Protection Effectiveness Testing". Retrieved 2008-05-25.
- ^ "Comment to Asa Dotzler blog post "safari unsafe? paypal thinks so."". Archived from the original on 5 May 2008. Retrieved 2008-05-25.
- ^ "Comment to Asa Dotzler blog post "safari unsafe? paypal thinks so."". Archived from the original on 5 May 2008. Retrieved 2008-05-25.
- ^ "Comment to Asa Dotzler blog post "safari unsafe? paypal thinks so."". Archived from the original on 5 May 2008. Retrieved 2008-05-25.
- ^ Schneier, Bruce. "Kingdom Authentication". CSO Magazine. Feb 2006: 52.
External links
- Anti-phishing software at Curlie