Identifying Deceptive Phishing Websites

A signature feature of Internet Explorer is its capability to inspect websites and block access to or provide a warning about those that appear suspicious. These so-called phishing sites are designed by scammers to closely resemble online commerce and banking sites . The scammer's goal is to fool you into visiting the site (usually by enticing you to click a link in an e-mail message) and then fill in sensitive information such as your logon credentials, account numbers, and details about your identity.

SmartScreen Filter, an updated version of the Phishing Filter introduced with Internet Explorer 7, detects known and suspected phishing sites and does its best to deter you from falling prey to such sites The feature does its detective work with the help of an allow list, a set of rules, and a server-based block list that is continually updated. The initial check is heuristic, looking at the content of the page itself; if all the images are from a bank's website, for example, but the submit button goes to a URL containing an IP address, red flags go up

If SmartScreen Filter thinks you're headed to a dodgy page, it displays a bright, bold, red warning before you ever get there . A banner-sized link provides one-click egress to the safety of your home page; a smaller link lets you disregard the warning and carry on . If you do proceed to a site that SmartScreen Filter has flagged, your address bar remains blood red as a warning.

When you first run Internet Explorer, the program prompts you to turn SmartScreen Filter on . If you declined then and have changed your mind, choose Safety, SmartScreen Filter, Turn On SmartScreen Filter. Other options on the SmartScreen Filter fly-out menu let you perform an ad-hoc check of a site (which is useful if you do not have the filter turned on but available even if you do) and report a site that appears suspicious to you but has not been flagged by the filter.

SmartScreen's background sniffing should not prove intrusive. You can, however, turn the feature off altogether (return to the SmartScreen Filter fly-out menu) or disable it for particular security zones . To turn it off for sites in your Trusted Sites zone, for example, choose Tools, Internet Options and click the Security tab . Select Trusted Sites, click Custom Level, and then, under Use SmartScreen Filter, select Disable.

For more information about phishing and other hazards of the online world, see Microsoft's white paper A Safer Online Experience. You can safely download it at w7io.com/0603.

Was this article helpful?

0 0
Digital Cancers

Digital Cancers

Get All The Support And Guidance You Need To Be A Success At Protecting Your PC. This Book Is One Of The Most Valuable Resources In The World When It Comes To The Damaging Facts About Computer Viruses.

Get My Free Ebook


Post a comment