Category Archives: Internet Security

The Difference Between Identity Theft and Identity Fraud

A recent post on iovation.com pointed out the differences between identity theft and identity fraud.

Xenia Antunes/Flckr

Identity theft is when someone’s personal identity information has been stolen; identity fraud is when that stolen information is used to commit financial fraud or some other kind of crime” wrote Max Anhoury.

“Identity fraud has been growing dramatically, by 22% each of the past two years” wrote Josh Smith of Wallet Pop.

“Based on the incidents reported to Travelers, the number one cause of identity fraud is old-fashioned burglary in which a wallet, purse, other personal identification, or computer are stolen. Theft of personal property was responsible for 78% of the cases of identity fraud with online issues or data breaches only accounting for 14%.”

These figures indicate that “peoples’ fears may have been, at least in part, misplaced. Individuals would benefit from an increased awareness and vigilance in all aspects of their life, not just online” states Anhoury.

“Identity theft is when a criminal steals your personal information. Identity Fraud is when a criminal uses that ill-gotten personal information in order to commit a crime or fraud all in the name of the identity theft victim.” said Joe Reynolds, Identity Fraud Product Manager at Travelers In an email he stated, “Although consumers should be concerned about identity theft, they should be even more concerned about the potential for identity fraud as the direct impact on consumers is much greater once their name is used in the course of committing a crime.”

Nevertheless, Anhoury wans that online businesses “need to be on high alert” and gives the following reasons why online sites “will likely remain the No. 1 target of identity fraud”

It’s safer to commit online identity fraud: Taking advantage of the Internet’s anonymity keeps criminals at a safe distance from their victims and the businesses they are trying to steal from. In other words, why would a fraudster risk getting caught red-handed when he could commit fraud in the comfort of his own home?

It’s more efficient: As you would imagine, today’s Internet-savvy criminals work extremely fast. Within minutes, one stolen identity can be used to apply for multiple credit cards or a stolen card can be used to charge thousands of dollars worth of goods at multiple online sites. By the time the theft is reported, the damage can be wide-reaching.

It’s easier to work in fraud rings: For ages, criminals have used whatever tools were at their disposal to organize and run their operations. Today, criminals around the globe are leveraging the Internet to work together, share information, and trade, sell and purchase stolen personal and financial information like never before.

It’s not limited by geography: Criminals that obtain stolen credit or personal information are no longer limited by their geography. With the Internet all but eliminating distance, crime can now occur anywhere, at anytime, making online businesses everywhere equally vulnerable.

So how can you avoid being caught?

Here are The Travelers Insurance’s Top 10 tips to prevent identity fraud

When Shopping Traditionally.

1.Review your wallet or purse contents before you go shopping.
2. Create a list of all your credit card and bank account information and store in a secure place.
3. Protect your Passwords and PINS.
4. Review your credit report now – and after the New Year.

5. Never provide confidential information over the phone to an unsolicited caller claiming that they represent a financial institution or creditor.
6. Never put outgoing checks or bill payments in your home mailbox, as they are easy to steal.

Online Shopping

7. Log off completely when finished with online transactions.
8. Increase up your own computer’s security.
9. Avoid e-mailing personal and financial information.
10. Delete, without replying to, any suspicious e-mail requests.

Will Social Media Rule the World?

social_networking_sites

How powerful has social media become?

“Social networking sites are to be trialed for issuing urgent messages about natural disasters in the Cairns region in far north Queensland” reports Yahoo Australia, demonstrating social media’s potential for good.

Now, Google and Microsoft are linked with Twitter and Microsoft has a deal with Facebook which updates into Bing.

These  deals will  make social media marketing more important to search engine marketing.
Google’s Google’s Vice-President of Search Marissa Mayer announced the agreement with Twitter to include their updates in our search results.

“We believe that our search results and user experience will greatly benefit from the inclusion of this up-to-the-minute data, and we look forward to having a product that showcases how tweets can make search better in the coming months” she said.

“That way, the next time you search for something that can be aided by a real-time observation, say, snow conditions at your favorite ski resort, you’ll find tweets from other users who are there and sharing the latest and greatest information.”

Because Social media is viral and real-time search is nothing more than putting things in chronological order. Your effectiveness will be enhanced by writing about what people are talking about right now.

WebProNews anticipates that “if status updates and tweets become directly integrated into search results in Universal Search-type fashion, it will be not only be about promotion and outside links, it will be about direct exposure right in the results”

It is is “not unlike the importance of online video right now” noting that videos are often displayed prominently on the first page of Google results).

Mayer is reported to have suggested that Google Labs feature called Social Search will include:

Social networking information from your friends, like their Flickr photos or their status updates blended into the bottom of search results much like news or images.

The information will be derived from your Google Profile and will increase proportionately to how well connected you are.

Image searches will be improved and made more relevant using social networking data.

Twitter has also made its mark.

“The power of those tweets as a form of data that can be surfaced in search is enormous. Innovative services like Twitter give us access to public opinion and thoughts in a way that has not before been possible” states Paul Yiu  of Bing.

Bing has made available a beta tool for you to experiment tweet searches. Some of it’s functions are presently limited to the USA only however.

“You can now search for what people are saying all over the web about breaking news topics, your favorite celebrity, hometown sports team, and anything else you use Twitter to stay on top of today.”

Then there is the important need to look below the fluff and find the real trending topics. Especially if you want to write about real issues.

According to Mike Grehan of Incisive Media IBM wrote an algorithm that looks at Twitter, Facebook, and MySpace and filters out all the noise to find the real conversation. The BBC uses this technology to rate music with what is called the Sound Index.

“Google is failing in its mission to make the world’s information universally accessible” claims Grehan. It basically can’t keep up. Google has tracked a trillion  links, but that is only a small fraction of the web.

He anticipates that there will be changes and they will be Keyword-Driven. However, Grehan points out that as the social element goes beyond the immediacy of search and considers the effect of longterm relationships opn our decisions.

“I believe the next major advances in search must be in the area of learning machines and artificial intelligence” said Grehand.

“Search engines started with the bare basics of computer technology, crawling, indexing and ranking HTML pages based on an end user’s query”

Significant improvements occurred when Google’s distributed its computing across a grid iomplemented network theory in its PageRank algorithm he said.

To be effective, WebProNews made the following suggestions:

1. Use keywords
2. Talk about timely events
3. Have a lot of followers
4. Promote conversation
5. Include calls to engagement

However, one truth remains.

“The keyword is still the core of marketing, not just search” says Grehan.

671 Percent Increase in Malicious Web Sites

Malicious websites grew 233% in the last six months and 671% in the last year, stares Websense Security Labs. This was partly because of the spread  Gumblar, Beladen and Nine Ball attacks which aimed to compromise trusted and known Web sites.

Web 2.0 sites are the worst effected target as 95% of blog comments, chat rooms and message boards are malicious.

“The last six months have shown that malicious hackers and fraudsters go where the people are on the Web” said Websense Chief Technology Officer Dan Hubbard “and have heightened their attacks on popular Web 2.0 sites.”

The top 100 most visited Web properties, which are “Social Networking” or “Search” sites states Websense.

77% of sites with malicious code are legitimate sites have been compromised by fraudsters exploiting the inherent trust in a business.

61 percent of the top 100 sites either hosted malicious content or contained a masked redirect to lure unsuspecting victims to malicious sites.

The term ”malicious” typically refers to links that have specific, hidden exploits that target a user’s computer.

The next million most visited sites are primarily current event and news sites and are more regionaland genre-focused.

37 percent of malicious Web attacks included data-stealing code, 57 percent of data-stealing attacks are conducted over the web in the first half of 2009.

85.6% of all unwanted emails contained links to spam and/or malicious Web sites and 57% of data-stealing attacks are conducted over the Web. In June virus infected emails rose 600% over May.

An analysis of Web, email and data security trends during the first half of 2009 are explored in the Websense Security Labs bi-annual “State of Internet Security” report.

Daily Websense® Security Labs™ Websense ThreatSeeker™ Network parses more than one billion pieces

of content and over 40 million websites hourly for malicious code and ten million emails. The Websense ThreatSeeker Network uses more than 50 million real-time data collecting systems.

YouTube and BlogSpot are 65 percent to 75 percent ineffective in protecting Web users from objectionable content and security risks. Hate or militant content on Facebook and other popular Web 2.0 sites like YouTube, Yahoo! Groups and Google Groups.

Cyber terrorism (militancy and extremists Web sites)  increased 326 percent increase in increased 326% from January through May 2009 over the same period in 2008.

Websense tracks about15,000 hate and militancy sites, with 1,000 added in he first six months of this year.

78 percent of new Web pages discovered in the first half of 2009 with objectionable content (e.g. Sex, Adult Content, Gambling, Drugs)  and  69 percent of all Web pages with any objectionable content link served malicious content.

Sex, advertisements, business and economy, IT, and travel made up the most commonly

compromised categories of Web content. 50 percent of Web pages with a link categorized as “Sex” also have at least one malicious link.

The three most popular topics for spam remained shopping (28 percent), cosmetics (18.4 percent) and

medical (11.9 percent.)  However, over the last six months, education accounted 9.5 percent of spam.

and could be attributed to the recession.

“Spammers have been targeting the unemployed who are looking to re-train or gain qualifications to help their job prospects” states Websense.

Malware Pandemic

A record five million new malware threats were detected in third quarter of 2009 according to the Cloud Security firm, Panda Security.
Trojans accounted for 71 percent of all new malware between July and September 2009. Adware (13 percent) and spyware (9 percent) have also all increased, while traditional viruses and worms have decreased to 2 percent of the total.

SAdly, thw weak lin is still the individual user who fails to apply basic net safety rules or applies commonsense when an impressive sounding phishing scam asks for bank details.

malware detected

PandaLabs has recorded five million new strains of malware. Most of these were banker Trojans, although adware and spyware have also increased.

“Spyware has increased for the first time this year, rising from 6.90% to 9.16%. Adware however has decreased slightly from 16.37% to 13.13%, yet it was still the second most detected malware category this year” according to the quarterly report.
“We currently receive approximately 50,000 new samples of malware every day, compared to 37,000 just a few months ago. There is no reason to believe that the situation will improve in the coming months,” explains Luis Corrons, Technical Director of PandaLabs.
There has been a marked increase in malware distributed through spam, social networks and search engine optimization techniques, which draw users to spoof Web pages where malware is downloaded. These exploit topical issues like swine flu, Independence Day, forest fires or Presidential speeches by Barack Obama.
“There is a false sense of security, as users perceive there to be no real danger at the moment. When their computers get infected, they rarely notice any symptoms” said According to Luis Corrons, Technical Director of PandaLabs, According to Panda’s U.S. computers are infected by the most dangerous malware strains: Trojans, followed by adware, worms and viruses.
The global infection rate on computers rose to 59% states Panda Security. Taiwan has the most infected PCs, with a 69.10 percent corruption, followed by Russia and China at 67.99 percent and 61.97 percent, respectively. U.S. ranks ninth with an infection ratio of 58.25. The country with the least infections is Norway at 39.60 percent.

“Spyware has increased for the first time this year, rising from 6.90% to 9.16%. Adware however has decreased slightly from 16.37% to 13.13%, yet it was still the second most detected malware category this year” according to the quarterly report.
“We currently receive approximately 50,000 new samples of malware every day, compared to 37,000 just a few months ago. There is no reason to believe that the situation will improve in the coming months,” explains Luis Corrons, Technical Director of PandaLabs.
There has been a marked increase in malware distributed through spam, social networks and search engine optimization techniques, which draw users to spoof Web pages where malware is downloaded. These exploit topical issues like swine flu, Independence Day, forest fires or Presidential speeches by Barack Obama.
“There is a false sense of security, as users perceive there to be no real danger at the moment. When their computers get infected, they rarely notice any symptoms” said According to Luis Corrons, Technical Director of PandaLabs, According to Panda’s U.S. computers are infected by the most dangerous malware strains: Trojans, followed by adware, worms and viruses.
“This is a clear sign that hackers are becoming more and more sophisticated,” said Corrons.
“Cybercriminals have found news ways to spread their creations, frequently exploiting the latest news stories to launch attacks through social networks, videos, and email. The huge amount of Trojans in circulation is due to the spectacular increase in the number of banker Trojans aimed at stealing user data.”
The global infection rate on computers rose to 59% states Panda Security.  Taiwan has the most infected PCs, with a 69.10 percent corruption, followed by Russia and China at 67.99 percent and 61.97 percent, respectively. U.S. ranks ninth with an infection ratio of 58.25. The country with the least infections is Norway at 39.60 percent.

infected PCs

Cybercrime Hits Smaller Business

security1

Heartland Payment Systems, Radisson Hotels and Network Solutions have made news because of data breaches. In 2008 285 million records were compromised according to the 2009 Data Breach Investigations Report by the Verizon Business Investigative Response Team.

However, the Federal Deposit Insurance corporation (FDIC) reports that online crime is attacking small and medium sized businesses and fraudulently draining funds from their bank accounts.

In a recent podcast with Doug Johnson Senior Policy Analyst for the American Bankers Association noted that although it is hard “get a fix on the exact number” “law enforcement and institutions have really seen the exploit migrate from large businesses to small businesses”.

Smaller businesses may not be aware of this type of fraud or know how to protect themselves.

Johnson recommends authentication at the business customer level and educating customers about how to protect themselves.

“It starts very cagily by the fraudsters, mostly from Eastern Europe, doing some social intelligence associated with the business” said Johnson “ so they might know who the CFO is, or they might know who someone in HR is or what have you, or in IT.”

“Then they will send an email, which might be a Microsoft update for instance, or some other thing, which that particular individual would be aware of. The CFO might get something that purportedly is coming from the Better Business Bureau, for instance, things of that nature.”

In other words, an email that looks legitimate or expected may be a bait.

security-breach

Recently, the Rippoff Report pointed out that Two-thirds used the sender’s name to gauge whether a mail was spam, 45% looked at the subject line and 22% use “visual indicators.” About 3% relied on the time a message was sent to judge if it was legitimate.

As technology improves judging an email on visual clues can be problematic.  Businesses obviously need to avoid clicking links in these emails.

“I think that it is not unusual for business customers to in their busy day not even think about the emails that they are clicking on” he said.

Chris Novak, managing principal at Verizon Business Investigative Response Team describes online security as a “kind of cat and mouse game “ requiring vigilance over a continually evolving threat.

Mr Novak has investigated criminal and civil data breaches for over a decade.

“I think the biggest thing is the evolution of malware. We are seeing that the malware is getting more advanced, and the hackers — particularly the organized crime groups – they actually have development teams” he said.

“Some of the malware is purposely built just for one specific victim environment, and the hackers have the capability to do that.”

Novak expresses concern that people think there are just a few types of malware that viral protection can handle.

“Malware is evolving rapidly with added capabilities that may frighten some people he said.

“The key piece if really making sure that you stay up on the latest and greatest threat information to know what you need to do protect yourself.”

Fortunately the recent big name security breaches demonstrated that event monitoring and log analysis revealed what was happening in 82% of cases. To be effective this requires a combination of people, processes and technology.

Novak expressed concern that people have developed an over reliance on technology.

“The problem with a lot of that is, like most technology, it is pre-configured to understand certain things and detect certain threats, but for the most part it is based on what’s been programmed into and how it has been configured.”

“In a lot of cases, you need a backup to technology of those appliances with people resources that can look at it and kind of do sanity check on it and say ‘You know what, this doesn’t look right. Someone logged into their bank account 7000 times today, and that is probably a problem.’ Sometimes the technology picks up things like that, and sometimes it doesn’t.”

Data can be moved in and out of an environment so quickly, which is why monitoring is so important.

“The biggest breaches that we’ve ever investigated took place in 24-to-48 hours. That’s all the hacker needed, depending on how organized they were.”

Why Does Spam Work?

The cost of spam

Spam works because about one out of six respond to messages suspect are spam survey data by the Messaging Anti-Abuse Working Group, an anti-spam trade organization (MAAWG).

Although, about 17% admitted it was a mistake, curiosity seems to play into the hands of spammers. Twelve percent were interested in the product or service, and 13% don’t know why they acted on the message. Six percent “wanted to see what would happen.”

The survey of 800 people in the U.S. and Canada who admitted they were not ‘internet experts’ about 80 percent of users doubted their computers were at risk of ever being infected with a “bot.” This is alarming as covertly planted viruses capable of sending spam are responsible for generating much of today’s illegitimate email.

The problem is not limited to email spam. In a recent banking phishing spam atcacking LibertyBank, an automated phone message claimed”Your card has been suspended because we believe it was accessed by a third party. Please press 1 now to be transferred to our security department.”

Customers who pressed “1” were asked to enter their credit/debit card number and personal identification number. Sadly people fell for it.

“Spamming has morphed from an isolated hacker playing with some code into a well-developed underground economy that feeds off reputable users’ machines to avoid detection” said MAAWG Chair Michael O’Reirdan.

“Consumers shouldn’t be afraid to use email, but they need to be computer smart and learn how to avoid these problems.”

“Bots, or malware running on users’ computers without their knowledge, are responsible for generating up to 90 percent of spam and can also be used to steal personal information or take part in DDOS (distributed denial of service) attacks” states MAAWG.  cmsconnect.com  estimates the lost time to be nearly 50 hours per employee and almost $1000 per person per year.

Spam is now major bandwidth gobbling headache for service providers and the growing problem of bot infestations contributing to spam, identity theft and online fraud.

No longer is a spammer the seedy lone money grabbing sneak hiding in the attic. In 2007 “a flood of junk messages was thrown at the e-mail server of the [Estonian] Parliament, shutting it down.” This is why a CMS white paper reccommended country of origin email filtering to reduce spam 50-80%.

As spammers use automated systems to constantly collect email addresses, 24 hours a day and 365 days a year it sometimes seems you are doomed to receive a pile of email 95% promoting MLM and the rest suggesting have such a low IQ that you will give your bank details to a non entity at the north pole.

“Spam is also getting globalised as Brazil, Russia, India and China are among the biggest emerging broadband markets worldwide and as such offer a tremendous opportunity for cybercrime ” states Emirates Business 24/7.

Most  users are familiar with general email-based threats but not necessarily proactively protecting themselves sufficiently.

How will we stop spam when we are such easy targets? Even though 12% claimed they were “very” or “somewhat” experienced with Internet security opened spam before deleting it, while 11% called themselves inexperienced who also opened spam.

Two-thirds used the sender’s name to gauge whether a mail was spam, 45% looked at the subject line and 22% use “visual indicators.” About 3% relied on the time a message was sent to judge if it was legitimate.

About two-thirds considered themselves “very” or “somewhat” knowledgeable in Internet security. While most consumers use anti-virus software and over half said they never click on suspected spam, the survey also found that 21 percent take no preventative anti spam measures.

Yet, 12% of respondents who indicated they were “very” or “somewhat” experienced with Internet security opened spam before deleting it, compared with only 11% of respondents who called themselves inexperienced who did the same.

63 percent would allow their network operator or anti-virus vendor to remotely access their computer to remove detected bots.

Industry analyst Ferris Research, Inc., suggested network operators offer remote bot mitigation capabilities to differentiate their services from competitors. They also suggest refining spam filters based on the specific patterns revealed by the study.

For example, the MAAWG survey found that users between the ages of 24 and 44 are more likely to use email for banking and bill statements, so industry vendors might focus on preventing phishing spam for these consumers.

To combat bot infestations has released a series of strategies used by some of the largest ISP network operators or Common Best Practices for Mitigating Large Scale Bot Infections in Residential Networks (Version 1.0).

The report recommends:

  • While protecting users’ privacy, network operators can use tools to detect infected end-user computers, including DNS, scanning the IP space to identify vulnerable computers, and collecting IP traffic information for known command and control addresses.
  • Email, phone calls to customers, postal mail and walled gardens are common notification tools.. In-browser messages are considered to be among the most effective methods to alert customers but also can be technically challenging to implement.
  • ISPs need to maintain a well-publicized security portal that includes directions for end-user bot removal.

“Bots are a global affliction and these best practices are an important step in educating the industry on the appropriate processes to help protect consumers” said Michael O’Reirdan.

“We’re sharing the experiences of our global membership so that network operators everywhere can more aggressively tackle this problem”

Spam Alert

stance against spam

“Even in challenging economic times, spammers continue to plague businesses with unprecedented levels of unsolicited mail and push them to spend valuable bandwidth and resources on dealing with spam,” said MessageLabs Intelligence Senior Analyst, Symantec, Paul Wood.

“For Australian businesses, more than ninety percent of all emails are now unwanted, however as email is the prime communication channel for businesses today, keeping email secure and functional is critical to business success.”

In the Sydney suburb of Auburn, spam levels reached 94.1%, making it Australia’s most spammed suburb.

In Australia, the most spammed areas have higher density of small-to-medium sized businesses. The least effected have the largest companies.

World wide, Sophos discovers 23,500 new infected webpages every day. That’s one every 3.6 seconds, four times worse than in 2007.

“15 new bogus anti-virus vendor websites are discovered every day” states Sophos. .”This number has tripled, up from an average of five detected per day, during 2008”.

“Financially motivated cybercriminals are turning their attention to Web 2.0 platforms such as Facebook and Twitter and alternative programs and tools such as Adobe Flash and PDFs.”

Between four million and six million computers worldwide  the globe have been compromised without the user’s knowledge states MessageLabs Intelligence.

“These computers now form robotic networks – Botnets, which are controlled by cybercriminals and used to send out more than 87% of all unsolicited mail, equating to approximately 151 billion emails a day.

89.7% of business email is spam. In September, globally the spam rate is 86.4%, Australia’s spam rate is 90.7%.

“Spammers have preferred professions, with the Engineering and Education sector being top targets globally with spam levels reaching more than 93%” states MessageLabs Intelligence.

In Australia  Healthcare has a  93.5% spam rate, Wholesale 92.1%, Minerals/Fuel 91.0%,  Professional Services 90.9%

Communication enhancing and information gathering technology has given hackers opportunities to attack businesses.

Sophos receives 40,000 unique suspicious files every day — accounting for 28 unique files every minute, 24 hours a day. Independent testing agency, AV-Test.org, currently counts over 22.5 million unique samples of malware in its collection — compared to 12.3 million in June 2008, demonstrating that the scale of the problem has almost doubled.

spam mailing list

The importance of good email security is highlighted by the spread of botnet infections.

“Botnets are now responsible for distributing 87.9% of all spam” states MessageLabs Intelligence.

“Approximately 151 billion unsolicited messages each day being distributed by compromised computers.

MessageLabs lists a number of ISP’s that were closed for hosting botnet activity: September 20, 2008 California Intercage (California) followed shortly after by McColo (California). After which “spam originating from Srizbi, Rustock and Mega-D all took a nosedive. Until then, Srizbi had been responsible for as much as 50% of all global spam”

Following the demise of these ISPs in 2008, additional ISPs were taken down as recently In June Pricewert in the U.S and on August 1,2009, Real Host in Latvia, were closed.

The take-down of Real Host saw spam levels temporarily drop by 38% according to Messagelabs.

“Real host was believed to have hosted the command-and-control centres of the Cutwail botnet (also known as Pandex or Pushdo), which is responsible for about 15 to 20 per cent of the spam sent out worldwide” states the virus bulletin.

Typically websites whose sole purpose is to distribute malware arereached through redirection scripts and links from other legitimate websites, such as links posted on social networking websites, malicious or compromised banner advertising, hyperlinks posted in spam emails and hyperlinks shared over instant messaging traffic” states messagelabs.

“The typical profile of these sites indicates that they have been registered up to three months before first being blocked for hosting malicious content.” It is no surprise that Google ranks domains registered for more than a year more favourably.

“A relatively large proportion of them (approximately 29%) are taken down after just one day; 40% are removed within two days; and 65% within one week. Generally, 90% of “young” malicious domains are taken down within 38 days.”

To enhance the effectiveness of their short term web life URL-shortening services have been exploited and account for more than 9% of all spam.

However, MessageLabs Intelligence states, “80 percent of domains being blocked as malicious for serving up malware are in fact compromised, legitimate websites”. Removing a young obviously malicious server is relatively easy so it is obvious why a spammer would like to compromise an established site.

How To Stop Spam?

Protect your email address – Be careful where you use your primary email address on the net.

Watch out for the checkboxes –opt out of being contacted by third parties as you don’t know who will get your email address.

Don’t use the reply, remove or forward options – Using these features tells a spammer you are real and validates your email address.

Use an unusual name – An email address with numbers or is less likely to receive spam.

“Spammers often use directories of common names to guess email addresses” states MessageLabs.

Avoid clicking on any links in spam messages – the addresses of links are frequently disguised intending to confirm your existence to spammers. This can also include the unsubscribe links.

Avoid downloading pictures in spam email – Even in the preview pane pictures these can identify you. Block images, or view emails in text format.

Use a Good spam filter – Stop it from getting into your inbox in the first place.

According to the virus bulletin released September 21, Alwil‘s avast!, BitDefender, ESET‘s NOD32, F-Secure, G DATA, MicroWorld‘s eScan and Symantec‘s Norton were top achievers at detecting malicious samples, rated the highest ranking of ‘Advanced+’..

Tested with two sets of malicious samples, split into two sets with one containing sample representing the last 7 months, and the other the preceding twelve months.  The results are balanced against false positives.

Ranking highly in the ‘Advanced’ classification were AVG, Avira, Kaspersky, McAfee and Trustport. Avira, McAfee and Trustport had high detection rates but ranked lower because of  false alarms.

Microsoft‘s solution, rated as ‘Standard’, Kingsoft, Norman and Sophos ranked only ‘Tested’  Sophos‘ scored low because of a relatively high false positive rate, sated the Virus Bulletin.