
IE9 versus Google: which one handles social engineering attacks better?

Social engineering has become the dominant method of distribution for fake antivirus software these days. In my real-world testing with actual malware, Google Chrome did a terrible job of helping users avoid suspicious downloads. Meanwhile, Internet Explorer 9 correctly identified the exact same sites and files as suspicious. What's the difference?

1 of 8 Ed Bott/ZDNet

I found numerous examples of dangerous searches on the first page of Google results. For more than a day, the number-one result for this Google search led to a site that was actively distributing malware.

For more details, see IE9 versus Chrome: which one blocks malware better?

2 of 8 Ed Bott/ZDNet

Malware authors have gotten expert at mimicking the security screens Google Chrome uses. See the next page for a direct comparison.

3 of 8 Ed Bott/ZDNet

After a day, Google found and removed the poisoned result at the top of this search. See how much the real security alert looks like the fake? 

4 of 8 Ed Bott/ZDNet

You don't always get a warning from Chrome when you're about to download a potentially dangerous executable file. These two download prompts were captured minutes apart, for malware files that were minor variations of the same code.

5 of 8 Ed Bott/ZDNet

This malware author went to a lot of trouble to make his landing page look like an authentic Windows 7 security scan. Even the dialog box is convincing.

6 of 8 Ed Bott/ZDNet

Yes, this notification bar offers a warning about potential problems with this file, but it also offers a Run button. What happens when you choose this potentially dangerous option? 

7 of 8 Ed Bott/ZDNet

IE9's Application Reputation technology treats every new file as suspicious. Legitimate files quickly get a good reputation and no longer trigger this type of warning. Notice that the options are to delete this file or to open another dialog box. You can't save or run it directly.

8 of 8 Ed Bott/ZDNet

Because this unsigned file is new and potentially dangerous, it gets these dire warnings. According to Microsoft, these new warnings in IE9 have successfully prevented 95% of infections that would have occurred using IE8.
