All Browsers using Google SafeBrowsing API Lag in Blocking Click Fraud Malware, Potentially Inflating Advertisers’ Costs

AUSTIN, Texas – September 27, 2012 − NSS Labs, Inc., the leader in test-based research and analysis of information security products, today announced the results of web browser testing that examined the ability of the four leading browsers – Microsoft Internet Explorer, Google Chrome, Mozilla Firefox and Apple Safari – to protect against leading forms of malware linked to bank fraud, password theft, fake antivirus scams and click fraud.

When dealing with overall malware protection, Internet Explorer provides users with significant advantages, blocking 95 percent of malicious activity, while Chrome is a distant second, blocking only 33 percent. Safari and Firefox both block less than 6 percent. However, click fraud malware was blocked at a significantly lower rate by 3 of the 4 browsers tested. Internet Explorer continued to perform the best, blocking 96.6 percent of click fraud malware, while Chrome – despite its fast growing share of the market – stops only 1.6 percent and Firefox and Safari block only 0.8 percent and 0.7 percent, respectively. Block rate scores were calculated as 10-day moving averages.

By creating the appearance of legitimate ad click-throughs, click fraud scammers generate revenue for both fraudsters as well as legitimate ad networks.

“Given Chrome’s prominence and increasing market share, we predict ongoing increases in click fraud unless Google takes serious steps to improve its click fraud protection,” said Dr. Stefan Frei, Research Director, at NSS Labs.

Key findings from the NSS Labs report include:

  • Click fraud itself causes minimal direct harm to the typical end user as the ultimate target is the ad buyer.
  • Consumer and corporate users, however, are infected by additional malware as a by-product of click fraud installation.
  • Click fraud catch rates are Chrome 1.6%, Firefox 0.8%, Internet Explorer 96.6%, and Safari 0.7%.
  • Services are available that may help ad buyers identify click fraud. However, service contracts with ad networks may contain clauses that restrict ad buyers’ ability to recover damages for click fraud.
  • The average lifespan of a click fraud URL was 32 hours with over 50% expiring within 54 hours.

To conduct its study, NSS Labs performed significant research over a period of 175 days (December 2, 2011 to May 25, 2012) into the protection capabilities of Chrome, Firefox, Internet Explorer, and Safari. Each browser was tested with all available updates installed on identical virtual machines running Microsoft Windows 7.