Web Browser Security
WBS 2018 Comparative Report: Protection Against Socially Engineered Malware (SEM)

WBS 2018 Comparative Report: Protection Against Socially Engineered Malware (SEM)

AUTHORS:

Morgan Dhanraj

TECHNOLOGY DESCRIPTION:

Socially engineered malware (SEM) is among the most prominent and impactful security threats facing users today. SEM uses a dynamic combination of social media, hijacked email accounts, false notification of computer problems, and other deceptions to encourage users to download malware.

To protect against malware, leading browser vendors provide cloud-based reputation services, which scour the Internet for malicious websites and then categorize content accordingly, either by adding it to blacklists or whitelists, or by assigning it a score. A web browser requests reputation information about a specific URL, and if results indicate that the website is “bad,” the browser redirects the user to a warning message explaining that the URL is malicious. If a website is determined to be “good,” the browser takes no action and the user remains unaware that a security check was just performed.

To evaluate a browser’s effectiveness in protecting against SEM, NSS’ testing focused on block rates, consistency of protection, and early protection against new threats.

PRODUCTS EVALUATED:

The following products were evaluated:

  • Google Chrome: Version 69.0.3497
  • Microsoft Edge: Version 42.17134.1.0
  • Mozilla Firefox: Version 61

NSS clients can also download the Web Browser 2018 Security Comparative Report on Protection Against Phishing.

As with all NSS Labs group tests, there was no fee for participation. In addition, the test methodology applied is in the public domain to provide transparency and to help enterprises understand the results.

As with all NSS Labs group tests, there was no fee for participation. All testing was conducted independently and was not paid for by any vendor.