An Empirical Analysis of the Effectiveness of Browser-based Anti- phishing Solutions

Phishing has by far become the most dangerous form of fraud to hit online business. Due to the key role in accessing the Internet, web browsers are at a strategic position to offer the protection against the risks of phishing attacks. Varieties of security companies have proposed their browser-based antiphishing solutions to protect the end-use. In this paper, we used 3403 fresh phishing URLs and 1000 legitimate URLs to conduct four experiments on ten popular anti-phishing tools including browsers and browser plug-ins. Overall, we found that the Google Chrome and Firefox identified the most phishing sites, but these two browsers still missed more than 20% fraudulent sites. Qihoo 360 Secure Explorer did a strong performance under the APAC dataset that demonstrate their excellent abilities of the Chinese-target phishing detection. We also found that different anti-phishing tools have totally different reactions between regions and languages. And finally, we proposed our suggestions for designing a comprehensive anti-phishing mechanism.