Microsoft on anti-phishing: We are winning

IEBlog is reporting today that 3Sharp, a Microsoft partner on office communication solutions, has just released a study commissioned by Microsoft on browser anti-phishing tools performance.

The results concludes that Internet Explorer 7 Beta 3 anti-phishing tool leads the bunch with an overall score of 172 points (out of possible 200). The number comes from an 89% accuracy identifying phishing sites from a list of 100 known scam addresses, while providing 0% false positives from a list of 500 known good addresses.

Among the other tools evaluated, Netcraft toolbar (available for Firefox) comes second with an overall 168 points (84% real positives, 0% false positives) and third comes Google Safe Browsing on Firefox (the same used in upcoming Firefox 2) with an overall 106 points (53% good positives, 0% false positives). Other tools included in the study were: GeoTrust TrustWatch, EarthLink ScamBlocker, eBay Toolbar, Netscape 8.1 and McAfee Site Advisor.

The study, the first of its kind according to 3Sharp, provides a necessary insight on current state of browser anti-phishing tools. However according to the report 27% of the phishing sites were obtained from a Hotmail database provided by Microsoft, which could have skewed the results in favor of Internet Explorer. It would be interesting to have the results per phishing sites source.

We can conclude however that although Firefox 2 will come with anti-phishing protection out of the box it is even better to know that it will support different white/blacklist providers, and it will be able to integrate with Netcraft or other provider. In the meantime, Firefox 1.5.x users may want to install the Netcraft toolbar now.

EDIT: Paul Robicheaux, co-founder of 3Sharp assesses mine and other questions in these blog posts.