Threat Intelligence Blog

Posted February 5, 2009

To better understand the daily risks consumers face from phishing attacks, Cyveillance test sampled unique and confirmed phishing attacks uncovered against a variety of organizations. To measure the effectiveness of some of today’s leading anti-phishing solutions, Cyveillance fed these confirmed live attacks through four of the most widely used anti-phishing browser-based offerings. The data was fed in real time to each solution and then again 24 hours later to determine detection rates over a minimal period of time. The specific detection rates of each solution used during the testing are below:


As the results show, even the most popular Internet browser anti-phishing applications detect less than half of the phishing attacks when the attacks are initially launched. The attack detection rate improves significantly after a period of 24 hours. Unfortunately, the majority of the damage caused by phishing attacks is realized during the first 24 hours after an attack is launched as illustrated in The Cost of Phishing: Understanding the True Cost Dynamics Behind Phishing Attacks, which can be downloaded at Given these facts, reliance on browser-based tools to protect consumers against phishing attacks is not an adequate phishing defense strategy.

For more information about Cyveillance’s research findings, please visit:

Additional Posts

Another Contrary Perspective – Recent Reports of “Over-Phishing” Are Flawed

In their recent paper “A Profitless Endeavor – Phishing as Tragedy of the Commons” Cormac ...

Phish-Pharming: Using social engineering to hijack domains at the source

Recently, there have been several high-profile incidents involving a novel combination of ...