NSS Labs today released the results of tests it conducted on the major browsers to determine how they defend against malware associated with bank fraud, password-stealing, phony antivirus, and click fraud. IE fared best, blocking 95 percent of all malware-related activity, followed by Chrome, which blocked 33 percent, and Firefox and Safari, which blocked less than 6 percent.
Another interesting statistic: Chrome halted only 1.6 percent of click fraud, and IE was also No. 1 in this test, stopping 96.6 percent of click-fraud malware during the tests. Firefox picked up 0.8 percent; and Safari, 0.7 percent.
The browser versions tested were Apple Safari 5, Google Chrome versions 15 through 19, Microsoft Internet Explorer 9, and Mozilla Firefox versions 7 through 13.
"Given Chrome's prominence and increasing market share, we predict ongoing increases in click fraud unless Google takes serious steps to improve its click-fraud protection," says Stefan Frei, research director of NSS Labs.
The study was conducted between Dec. 2, 2011, and May 25, 2012, testing the most up-to-date versions of the browsers on identical virtual machines running Windows 7.
Other findings by NSS Labs: The average life span of a click-fraud URL is 32 hours, and more than half die off within 54 hours. Click fraud mainly affects ad buyers, but users who are infected by click-fraud attacks get infected with other malware.
NSS Labs recommends that users pressure Google to beef up its click-fraud protection features in Chrome and its API, and says to expect a major jump in click fraud in 2013.
The full report is available here for download.
Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.
