Figures don't lie, the old aphorism goes, but liars can figure. And after nearly 20 years covering technology, I've realized that you could update that saying to: Benchmarks don't lie, but liars can benchmark.
What brings this to mind is a nasty war of words between Microsoft and Mozilla, the publishers of Firefox, over whose browser is more secure. Both are pointing fingers at the other, claiming that their benchmarks really tell the tale.
[ Get your websites up to speed with HTML5 today using the techniques in InfoWorld's HTML5 Deep Dive PDF how-to report. | Learn how to secure your Web browsers in InfoWorld's "Web Browser Security Deep Dive" PDF guide. ]
I'm not saying any of these folks are actually lying, but they're using benchmarks and other statistics to prove a point they want to make and make themselves look as good as possible. My advice is to ignore the argument; the only people who really care about it are the people who work for one side or the other, and tech writers who love nothing more than conflict. As it happens, all three of the major browsers -- Microsoft's Internet Explorer, Mozilla's Firefox, and Google's Chrome -- are more than secure enough for most consumers and businesses.
That's not to say you can forget about security on the Web. The browser is part of your defense, but a bigger part is your brain. That's right, the smart user who pays attention to what he or she sees on the screen is always safer, particularly against a very nasty tactic called "phishing."
By now you've probably heard of phishing. It's an email or Tweet or Facebook message that appears to come from someone you know or an institution you do business with, like your bank or credit card company. It will contain a link that might do something as harmless, though annoying, as taking you to a site to look at advertising you don't want to see, or in the worst case, download malware onto your computer.
Browsers and your basic security software will detect many phishing attacks, but not all. So, I'll repeat what you should already know. If a message looks odd, look carefully at the address. If you see something from say Chase, that comes from firstname.lastname@example.org (that came to me the other day), delete it. In fact, never click on a link in an email unless you know for sure who sent it.
Having said that, there are times when all of us let down our guard and get caught. Here are some of the most common problems that phishing can cause, and some solutions, courtesy of an industry coalition called the Anti Phishing Working Group.
Hijacked eBay account: If you think your eBay account has been hijacked and you can still log in to the site, you should change your password and make sure that any active bids and listings were put there by you or a family member. If you can't log in, try this link. If it doesn't work, here's a number you can call to report fraud (it's not for routine help requests): 866-961-9253.