Virus Bulletin finds spam filters are blocking more spam, but lag behind on phishing
November 2012 by Virus Bulletin
Virus Bulletin, the independent security certification body, has announced the results of its latest anti-spam comparative review: 19 solutions achieved a VBSpam award, many of which did so with an improved spam catch rate, reversing a trend of declining catch rates seen earlier this year.
The highest catch rates in this month’s test were achieved by OnlyMyEmail, which missed only one email in the spam feed, and Libra Esva, both of which missed only one legitimate email. Four anti-spam solutions - SpamTitan, ESET, Netmail and Halon Security - managed to avoid false positives altogether, while also catching more than 99.5 per cent of all spam. They each earned a VBSpam+ award.
For the first time, the test also included a dedicated feed of phishing emails, courtesy of Wombat Security. With two exceptions (SPAMfighter and OnlyMyEmail, which both caught all the phishing emails), the products’ performance on the phishing feed was worse than on other spam emails: most products caught less than 90 per cent of them, with several products putting in a significantly worse performance than this.
"Usually a lot of effort goes into making phishing emails appear legitimate," said VB’s Anti-Spam Test Director, Martijn Grooten. "Add to this the relatively low volume of phishing campaigns compared with traditional spam campaigns and it becomes somewhat understandable that spam filters have a harder time blocking these emails."
Grooten continued: "But those who put their full trust in their spam filters and as a result fall victim to a phishing email may be less understanding - and rightly so. Making the mistake of believing such emails are legitimate could result in financial loss and/or identity theft - if not directly, then via the malware served by the links contained in many of today’s phishing emails. We hope to see some improvement in products’ ability to identify phishing emails in the not-too-distant future."
The VBSpam quadrant plots products’ spam catch rate against their false positive rate, with the top right-hand corner the area products should be aiming for (with maximum spam catch rate and minimum false positive rate). The front-runners in this test can clearly be seen from their positions on the quadrant at http://www.virusbtn.com/vbspam/char... (journals are permitted to reproduce this chart unedited).
The results of the November 2012 anti-spam comparative review can be seen at http://www.virusbtn.com/vbspam/arch...