Microsoft’s Edge browser blocks the highest percentage of socially engineered malware (SEM) and phishing attacks compared to Google Chrome and Mozilla Firefox, newly published NSS Labs reports reveal.
The cyber security product research, testing, and advisory company conducted two global tests to measure how effective web browsers are at blocking current threats targeting Internet users, and discovered that the apps that blocked the most attacks overall also blocked URLs the fastest.
The tests were conducted between Sept. 26, 2016 and Oct. 9, 2016, with 220,918 socially engineered malware results and 78,921 phishing results recorded. For their tests, NSS Labs considered Google Chrome version 53.0.2785, Microsoft Edge 38.14393.0.0, and Mozilla Firefox version 48.0.2. The browsers were tested on Windows 10 Enterprise – Version 1607.
When it comes to SEM protection, Microsoft Edge came up on top by blocking 99.0% of the samples, followed by Google Chrome with 85.8% and Mozilla Firefox with 78.3%. While Edge uses SmartScreen URL filtering and Application Reputation (App Rep) for user protection, Chrome and Firefox use URL filtering and an application reputation system called Download Protection.
The test also revealed that Microsoft Edge could deliver a 98.7% zero-hour protection rate for malware, followed by Chrome with 92.8%, and Firefox with 78.3%. After 7 days of testing, Edge was in the lead with a 99.3% block rate, 3.6% higher than Chrome and 17.4% higher than Firefox. On average, Edge needed less than 10 minutes to block malware, Chrome needed 2 hours and 39 minutes, while Firefox needed over 3 hours and 45 minutes.
When it comes to phishing protection, Microsoft Edge had a phishing catch rate of 91.4% over the 12-day test period, followed by Chrome with 82.4% and Firefox with 81.4%. An average of 145,581 unique email phishing campaigns were reported each month this year, making a browser’s ability to block such attacks highly important. However, SEM protection is as important when assessing a browser’s security capabilities, NSS Labs notes.
The phishing protection test conducted by NSS Labs collected 78,921 results during the test period and revealed that Microsoft Edge has an initial protection rate of 92.1%, followed by Firefox at 84.0%, and Chrome with only 82.7% percent. By the seventh day, Microsoft Edge climbed to 92.9%, Chrome to 85.6%, and Firefox to 84.9% (both Chrome and Firefox rely on Google Safe Browsing API, hence the nearly identical performance).
The average time to block a phishing site is of 56.4 minutes. While Microsoft Edge was in the lead at 24 minutes, the other two browsers needed over an hour to block the offending sites: 61.2 minutes for Firefox and 84.6 minutes for Chrome.
Nearly one third of all Internet users have fallen victim to socially engineered malware, making this threat one of the most encountered today. Both individuals and organizations are at risk, because such attacks can compromise, damage, or acquire sensitive personal and corporate information. Phishing attacks represent an equally important and damaging threat, as they become more complex and sophisticated, being harder to detect and difficult to prevent.
Related Reading: DomainTools Service Eyes Potentially Dangerous Domains