Anti-phishing features in Firefox 2.0 perform better than equivalent security technologies in IE7, according to a study (http://www.mozilla.org/security/phishing-test.html) commissioned by the Mozilla corporation.

The tests, performed by testing firm SmartWare and audited by iSEC partners, looked at how each browser responded to known phishing URLs as identified (http://www.phishtank.com/blog/2006/11/14/phishtank-datas-so-good-its-the-standard/) by community anti-phishing website Phishtank.

Firefox in its most secure configuration blocked 81.5 per cent of the 1,040 phishing websites, whereas IE7 blocked only 66.4 per cent. Even with the Ask Google feature turned off, Firefox 2.0 blocked 78.9 per cent of the dodgy domains identified by Phishtank.

In 243 instances Firefox blocked fraudulent domains that IE allowed against 117 occasions when Firefox allowed visits to sites IE correctly identified as fraudulent. Both browsers failed to recognise 65 dodgy websites.

Looking at false positives (legitimate websites identified as potentially fraudulent) was out the scope of Smartwave's study, as explained here (http://www.mozilla.org/security/phishing-test.html).

A similar study published in September commissioned by Microsoft found that IE7 performed better than a range of seven third-party security applications. The survey, by messaging firm 3sharp (http://www.3sharp.com), a Microsoft partner, didn't compare the performance of IE7 against the then unreleased Firefox browser however. ®

Related stories

Firefox spoofing bug raises phishing fears (4 January 2008)
http://www.theregister.co.uk/2008/01/04/firefox_spoofing_bug/
Mozilla rubbishes IE Firefox security study (3 December 2007)
http://www.channelregister.co.uk/2007/12/03/moz_ie_security_comparison/
Firefox-Google marriage on shaky ground? (12 September 2007)
http://www.theregister.co.uk/2007/09/12/firefox_google_marriage_threatened_by_adblock_plus/
Phony BBB email dupes more than 1,400 execs (30 May 2007)
http://www.theregister.co.uk/2007/05/30/bbb_spear_phishing/
Mozilla seeks security researchers to look at alpha code (10 April 2007)
http://www.theregister.co.uk/2007/04/10/mozilla_security/
IE7 phishing bug nets concern (19 March 2007)
http://www.theregister.co.uk/2007/03/19/ie7_phishing_bug/
Mozilla patches faulty patch (7 March 2007)
http://www.theregister.co.uk/2007/03/07/mozilla_patch_fix/
Firefox fix lances memory corruption bug (26 February 2007)
http://www.theregister.co.uk/2007/02/26/firefox_update/
Firefox popup exploit allows file snooping (7 February 2007)
http://www.theregister.co.uk/2007/02/07/firefox_popup_exploit/
Firefox 2.0: happier browsing, but secure? (30 January 2007)
http://www.theregister.co.uk/2007/01/30/firefox_makes_steady_progress/
Google blacklist sheds light on phishing tactics (5 January 2007)
http://www.theregister.co.uk/2007/01/05/google_phishing_blacklist/
Phishing fraudsters get flashy (5 January 2007)
http://www.theregister.co.uk/2007/01/05/phish_flash/
European network will target email and internet scams (4 January 2007)
http://www.theregister.co.uk/2007/01/04/consumer_protection_cooperation_regulation/
Firefox update guards against critical flaws (21 December 2006)
http://www.theregister.co.uk/2006/12/21/firefox_upgrade/
Virgin foxes Firefox? (20 December 2006)
http://www.theregister.co.uk/2006/12/20/virgin_getmessage_site/
Opera adds tech to foil phishers (19 December 2006)
http://www.theregister.co.uk/2006/12/19/opera_bolsters_phishing_filter/
MS reels in a few stray phish (23 November 2006)
http://www.theregister.co.uk/2006/11/23/ms_anti-phishing_campaign_update/
Microsoft unleashes improved Firefox (14 November 2006)
http://www.theregister.co.uk/2006/11/14/ms_firefox/
IE7 'critical update' causes headaches for managed desktop environments (12 November 2006)
http://www.theregister.co.uk/2006/11/12/ie7_critical_update_managed_desktops/
Firefox update aims to lance security bugs (9 November 2006)
http://www.theregister.co.uk/2006/11/09/firefox_seamonkey_update/
Attackers end-run around IE security (8 November 2006)
http://www.theregister.co.uk/2006/11/08/ie_security_analysis/
US harbours one-in-four phishing sites (7 November 2006)
http://www.theregister.co.uk/2006/11/07/phishing_stats_october/
Firefox 2.0 goes live (23 October 2006)
http://www.theregister.co.uk/2006/10/23/firefox2_release_imminent/
IE7 unleashed (19 October 2006)
http://www.theregister.co.uk/2006/10/19/ie7_release/
Mozilla brainstorms Firefox 3.0 (16 October 2006)
http://www.theregister.co.uk/2006/10/16/firefox_3_brainstorm/
IE market share: What's going on? (12 October 2006)
http://www.theregister.co.uk/2006/10/12/browser_market_share/
Mozilla flaws more joke than jeopardy (5 October 2006)
http://www.theregister.co.uk/2006/10/05/mozilla_flaw_joke/
Why phishing catches punters (7 June 2006)
http://www.theregister.co.uk/2006/06/07/why_phishing_works/
Browser developers team up to thwart hackers (23 November 2005)
http://www.theregister.co.uk/2005/11/23/browser_security_summit/
Netcraft launches anti-phishing toolbar (26 May 2005)
http://www.theregister.co.uk/2005/05/26/netcraft_anti-phishing_toolbar/