Microsoft Sponsors Antiphishing Bakeoff

uniquebydegrees writes, "InfoWorld is blogging about the (predictable) results of a Microsoft-sponsored antiphishing technology bakeoff. From the TechWatch blog: 'Microsoft's Phishing Filter (MPF) in IE 7 Beta 3 received the highest "composite score" at 172, followed closely by NetCraft's toolbar with a composite score of 168. But when you dig into the numbers, another story emerges... IE's MPF antiphishing toolbar doesn't top out any of the individual tests that make up the composite score... So how did MPF end up on top?... Microsoft didn't do the best job of spotting phish sites, but it did do the best job of blocking the ones it did spot, and blocking was what garnered the most points... Blocking a phishing Web site earned you twice as many points as just warning about it in this test, but is blocking really twice as effective as just warning users?'"

BS composite scores didn't make a huge difference.

[dtfinch]

Disregarding their arbitrary scoring BS, and only looking at detection percentages, IE7 still did a good job, as expected from a Microsoft commissioned study.
GeoTrust TrustWatch caught 99%, but had a 32% false positive rate.
IE7 - 89%
Netcraft Toolbar - 84%
EarthLink ScamBlocker - 64%
Firefox/Google - 53%
eBay Toolbar - 46%
Netscape 8.1 - 28%
McAfee Site Advisor - 3%

How they came out with only 89% when they selected the sites themselves is anyone's guess.

Re:Do a lot of people still get phished?

[xenoarch]

untill December of last year i was a sysadmin for a large ISP, and when i left we still had 30+ phsing scams caught per day. Phishing is a social hack, and those are always more effective then just plain tech hacks. And yes blocking is more effective then warning.

Never mind phishing

[Anonymous Coward]

When is MSFT going to take responsibility for the tens of thousands of windows zombies out there? Microsoft are desperate to be seen to be doing something in the eyes of the public but when it comes to the crunch, they don't give a shit!

Perhaps we should start a "Spam is a Microsoft problem" campaign until they backport Vista's security model to the millions of systems already out there?

Re:Do a lot of people still get phished?

[jd142]

I get calls from people asking about emails from banks that they don't even do business with!

Them: I got a message from XYZ bank that my account is frozen. Do you think it is a scam?
Me: Do you have an account with XYZ?
Them: No, I've never done any business with them.
Me: Then you can be very sure it's a scam.

Results

[shiyun074238]

The results of the study as below:
1. Internet Explorer 7 Beta 3 RC3 with Microsoft Phishing Filter with a score of 172 points
2. Netcraft Toolbar with a score of 168
3. Google Safe Browsing on Firefox with a score of 106
4. eBay Toolbar with a score of 92
5. Earthlink ScamBlocker with a score of 76
6. GeoTrust TrustWatch with a score of 67
7. Netscape 8.1 with score a of 56
8. McAfee Site Advisor with a score of 3

Check http://www.3sharp.com/projects/antiphishing/ [3sharp.com]