So this time, “Don’t knock my tea kettle” (you can look here for the meaning: It’s accurate) with “They bought the results.”: They didn’t.
First, what is socially engineered malware?
Socially engineered malware is disguised and/or hidden within another software package so that when a user is enticed to download and install the software, the malware is installed as well. Socially engineered malware attacks pose one of the largest risks to individuals and organizations alike by threatening to compromise, damage or expose sensitive information. With over 50% of malware delivered via the web, protecting against these threats requires more sophisticated techniques and resources and is driving the evolution of security products at the desktop level. – Trendmicro
“At the desktop level” – that’s the second layer. Your browser is the first. IE9 rated an impressive 99.2% block rate. Sorry, I’m getting ahead of myself.
Second, how is it delivered?
Email, live chat, a reference or link, a “Virus Alert” message, "a “Malware found on your computer” message, “Account information” message requiring you to reply using your info, physical attraction (sexy picture), an accusatory message from a “network administrator” or law enforcement agency prompting you to “rectify” some situation, current events (disaster charity requests), free stuff (or cracking/cracked softwarze), trusted sender (someone you know), implicit and explicit sender spoofing (using a legitimate victim’s email to send more malware), attachments to emails, icon manipulation (malware installation by using a trusted icon altered by the sender), attachment relevance (Magistr 2001, old) and attachment archiving (putting the malware.exe in a zip/rar file), post execution (clever, after execution shows an error message while the malware is actually installed).
A really good discussion of all this can be found here in an article by Matt Braverman (link tested and is secure, leads to PDF file for download).
Results of the testing showed:
“It became obvious from these recent tests, in comparison to NSS Labs' earlier global tests, that Microsoft continues to improve their IE malware protection in IE9 through its SmartScreen® Filter technology and with the addition of SmartScreen Application Reputation technology. With a unique URL blocking score of 99.9% and over-time protection rating of 99.2%, Internet Explorer 9 was by far the best at protecting against socially-engineered malware. Copies of the Web Browser Security Comparative Test Report against Socially-Engineered Malware (including Global, Asia-Pacific, and European reports) are available for no charge at www.nsslabs.com/browser-security.”
– Microsoft press release on MSNBC http://www.msnbc.msn.com/id/44146384#.TkpTEF33srU
Well, a press release. Gotta check this out before someone kills me for inadequate reference reliability, so I looked further: Here, here (the windows blog), here (for the malware discussed) and here (Neowin.net). The browser related material relates to the NSS labs report above.
I know you hate ie9 because it’s butt ugly and unskinnable.
But man, is it safe! To me, that counts more. Sorry (not!).
I do not recommend ie9 x64. It’s Java engine is broken. You’ll die of old age before it gets anywhere. But, x64 system users can use the x32 (x486, if you prefer) ie9 and it’s plenty fast enough for the security you get:
“Microsoft says that since the NSS Labs' last report on this subject in October 2010, "... the average time taken by SmartScreen filter to block a threat has gotten 28 (percent) faster - and if Application Reputation is considered, then the average time has improved by 85 percent." – John Callahan, Neowin.net
And the security (image from the NSS Report)?
To me, this says it all.