Testing over time reveals a wide range of protection from the high 90s to single digits.
AUSTIN, Texas – July 14, 2020 – NSS Labs, Inc., a global leader and trusted source for independent cybersecurity product testing, today announced the results of its 2020 Web Browser Security Test. Four of the world’s leading web browsers were tested for Phishing Protection and Malware Protection.
NSS Labs conducted 129,068 discrete tests of malware protection (32,267 per web browser) over a period of 34 days, and 189,096 discrete tests of phishing protection (47,274 per web browser) over 18 days. The reports include measurements of protection against fresh new attacks, consistency of protection over time, and how effective the browser protection was overall.
Key Take Aways:
- Phishing protection rates ranged from 79.2% to 95.5%
- For malware, the highest block rate was 98.5% and the lowest block rate was 5.6%
- Protection improved over time; the most consistent products provided the best protection against phishing and malware.
Email, instant messages, SMS messages and links on social networking sites are used by criminals to lure victims to download and install malware disguised as legitimate software (a.k.a. socially engineered malware). Once the malware is installed, victims are subjected to identity theft, bank account compromise, and other devastating consequences. Those same techniques are also used for phishing attacks, where victims are lured to websites impersonating banking, social media, charity, payroll, and other legitimate websites; victims are then tricked into providing passwords, credit card and bank account numbers, and other private information. In addition, landing pages (URLs) from phishing websites are another way attackers exploit victim’s computers and silently install malicious software.
The ability to warn potential victims that they are about to stray onto a malicious website puts web browsers in a unique position to combat phishing, malware, and other criminal attacks. To protect against malware and phishing attacks, browsers use cloud-based reputation systems that scour the Internet for malicious websites and then categorize content accordingly, either by adding it to blocklists or whitelists, or by assigning it a score.
“As a result of the COVID-19 pandemic, employees have been forced to work from home and now have unprecedented remote access to corporate resources. Threat actors are shifting tactics to target these remote employees who may not benefit from corporate protection,” said Vikram Phatak, founder of NSS Labs. “This makes the protection offered by web browsers more important than ever.”
The Comparative Test Reports provide detailed results including block rates for each product and data recording consistency of protection over time. As a service to the community, NSS Labs is providing these reports for free on our website at nsslabs.com.
The following browsers were tested:
- Google Chrome: Version 81.0.4044.113 – 81.0.4044.138
- Microsoft Edge: Version 83.0.478.10 – 84.0.516.1
- Mozilla Firefox: Version 75.0 – 76.0.1
- Opera: Version: 67.0.3575.137 – 68.0.3618.125