IE9 versus Google: which one handles social engineering attacks better?

1 of 8

  • I found numerous examples of dangerous searches on the first page of Google results. For more than a day, the number-one result for this Google search led to a site that was actively distributing malware.

    For more details, see IE9 versus Chrome: which one blocks malware better?

    Caption by: Ed Bott

  • Malware authors have gotten expert at mimicking the security screens Google Chrome uses,.See the next page for a direct comparison.

    For more details, see IE9 versus Chrome: which one blocks malware better?

    Caption by: Ed Bott

  • After a day, Google found and removed the poisoned result at the top of this search. See how much the real security alert looks like the fake? 

    For more details, see IE9 versus Chrome: which one blocks malware better?

    Caption by: Ed Bott

  • You don't always get a warning from Chrome when you're about to download a potentially dangerous executable file. These two download prompts were captured minutes apart, for malware files that were minor variations of the same code.

    For more details, see IE9 versus Chrome: which one blocks malware better?

    Caption by: Ed Bott

  • This malware author went to a lot of trouble to make his landing page look like an authentic Windows 7 security scan. Even the dialog box is convincing.

    For more details, see IE9 versus Chrome: which one blocks malware better?

    Caption by: Ed Bott

  • Yes, this notification bar offers a warning about potential problems with this file, but it also offers a Run button. What happens when you choose this potentially dangerous option? 

    For more details, see IE9 versus Chrome: which one blocks malware better?

    Caption by: Ed Bott

  • IE9's Application Reputation technology treats every new file as suspicious. Legitimate files quickly get a good reputation and no longer this type of warning. Notice that the options are to delete this file or to open another dialog box. You can't save or run it directly.

    For more details, see IE9 versus Chrome: which one blocks malware better?

    Caption by: Ed Bott

  • Because this unsigned file is new and potentially dangerous, it gets these dire warnings. According to Microsoft, these new warnings in IE9 have successfully prevented 95% of infections that would have occurred using IE8.

    For more details, see IE9 versus Chrome: which one blocks malware better?

    Caption by: Ed Bott

1 of 8

Social engineering has become the dominant method of distribution for fake antivirus software these days. In my real-world testing with actual malware, Google Chrome did a terrible job of helping users avoid suspicious downloads. Meanwhile, Internet Explorer 9 correctly the exact same sites and files as suspicious. What's the difference?

Read More Read Less

I found numerous examples of dangerous searches on the first page of Google results. For more than a day, the number-one result for this Google search led to a site that was actively distributing malware.

For more details, see IE9 versus Chrome: which one blocks malware better?

Caption by: Ed Bott

1 of 8

Related Topics:

Security Enterprise Software Security TV Data Management CXO Data Centers
Add Your Comment
Add Your Comment

Related Galleries

    • 1 of 3

  • McAfee opens Advanced Threat Research Lab

    The Hillsboro, Oregon lab showcases a range of threats, including adversarial machine learning used on autonomous vehicles, Windows vulnerabilities, medical device flaws and ...