New
#1
This could be why opening pages using Edge whilst browsing takes longer, than IE or Chrome.
This would allow time to do extra security checks.
According to a new browser security report, Microsoft Edge is more effective than both Chrome and Firefox at protecting users from some malicious threats. The report, which comes from NSS Labs (via Betanews), seeks to compare the three major browsers and their effectiveness at countering socially engineered malware (SEM) and phishing attacks...
Two global tests were conducted measuring how effective browsers are at protecting against socially engineered malware (SEM) and phishing attacks.
Socially engineered malware (SEM) remains one of the most common security threat facing Internet users today, claiming as much as one third of Internet users as victims. These attacks pose a significant risk to individuals and organizations by threatening to compromise, damage, or acquire sensitive personal and corporate information. Europeans and Americans have increasingly found themselves targets of ransomware over the last 12 months.
Phishing attacks pose a significant risk to individuals and organizations alike, by threatening to compromise or acquire sensitive personal and corporate information. In 2016, over 145,000 unique email phishing campaigns were reported each month, and 125,000 unique phishing websites were detected each month— the highest ever recorded. Phishing attacks are becoming more complex and sophisticated, making these attacks harder to detect and difficult to prevent.
Browsers tested Included:
- Google Chrome: Version 53.0.2785
- Microsoft Edge 38.14393.0.0
- Mozilla Firefox: Version 48.0.2
Use the form on the right to download the free Web Browser Security Comparative Reports today.
Read more: Microsoft Edge takes top spot over Chrome and Firefox in new security report | Windows Central
Download report: https://www.nsslabs.com/web-browser-security/
This could be why opening pages using Edge whilst browsing takes longer, than IE or Chrome.
This would allow time to do extra security checks.
Socially Engineered Malware and Phishing depend on the user, or victim getting duped into revealing information that is unsafe, or downloading unsafe software that masquerades as something else. User awareness and safe browsing practices are still the number one defence against attacks of these kind, and however good the browser's defenses are, if the browser takes a day to register a site as being unsafe, or actively distributing malware or phishing emails etc., many naive or unschooled users may be caught up in these exploitation scams.
In this way, relying on browsers for protection, is unsafe, and tests of levels of browser protection are somewhat meaningless, and provide a false sense of security.
These tests have much to do with how quickly the browser is able to block these sites from the first encounter or "zero hour" - It is not so much a test of the browser, but of Microsoft's SmartScreen filter compared with the Google Safe Browsing API.
SmartScreen scores well with upwards of 98% blocking, Google levels out at about 85%.
The actual methodology of the testing process by NSS is still vague, IMO: https://www.nsslabs.com/linkservid/4...124BD6058D31A/
Defence against Phishing emails should generally involve Email clients rather than browsers, as most webmail clients (accessed via a browser) have their own built-in anti-malware/spam and undesirable source address filters.
If the stats contained real-world data consisting of numbers of users actually exploited for each browser, the results may have some significance, as it is, as already noted, the test results have very little significance, and may increase confidence, but not security.