The Phishing Tab

By default, the Phishing Filter is set to protect the user’s Inbox against “phishing,” but it does not move detected mail out of the Inbox. The user can accept this protection, remove the protection altogether, or keep the protection enabled and have all detected e-mails moved into the Junk E-mail folder.

Because the updates for the Phishing Filter take place within Windows Update and have little to do with human interaction, there are no settings to modify this within the Windows Mail user interface. Rather, Windows Vista handles the security and the updating for the utility on behalf of the user.

It is important to understand that the default behavior of the Phishing Filter is not regulated by Windows Mail, but by Internet Explorer. If the Phishing Filter is not set to automatically check in with Microsoft’s blacklists (which is the default setting), the filter (which is enabled automatically within Windows Mail) checks URLs in messages only against the local copy of the blacklist.

A point for clarification is the distinction between junk e-mail and phishing e-mail. Junk e-mail is mail identified as having a certain level of content that is sinister, erroneous (smart speak for “bogus”), advertisement-related, and so on. Phishing, on the other hand, is very specific and typically requires that the user take action to be forwarded to a Web site or form. Windows Mail handles these two types of electronic garbage differently. If a message has a high probability of being junk mail and is considered to be only “potentially” fraudulent, that message will be moved over to the Junk E-mail folder.

In that case, the settings for junk e-mail on the Options tab take precedence, because the e-mail is not actually considered to be a phishing attempt. A message is classified as a phishing attempt if the sender, subject, or content/URL in the body of the e-mail is verified against the local copy of the Microsoft blacklist. The Phishing Filter service performs these checks in real time, allowing for a very high degree of security before messages are even opened.
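The classification and routing described above can be modelled in a few lines of Python. This is an added example, not code from the original text or from Windows Mail; the blocklist contents and format, the setting names, and the `junk_hit` flag are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

# Constructed stand-in for the local blacklist copy; its real format is not given here.
BLOCKED_HOSTS = {"login-verify.example"}
BLOCKED_SENDERS = {"billing@login-verify.example"}
BLOCKED_SUBJECTS = {"verify your account now"}
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.I)

def url_hosts(text):
    """Lowercased hostnames of every http(s) URL found in the text."""
    hosts = set()
    for url in URL_RE.findall(text):
        try:
            host = urlsplit(url.rstrip(".,;:!?)")).hostname
        except ValueError:  # malformed URL, e.g. an unbalanced IPv6 bracket
            continue
        if host:
            hosts.add(host.rstrip("."))
    return hosts

def host_blocked(host):
    """True if the host or any parent domain is listed (match on whole labels only)."""
    labels = host.split(".")
    return any(".".join(labels[i:]) in BLOCKED_HOSTS for i in range(len(labels)))

def is_phishing(msg):
    """Sender, subject, or a URL in the body matches the local list."""
    sender = parseaddr(msg.get("From", ""))[1].lower()
    subject = msg.get("Subject", "").strip().lower()
    body = " ".join(
        part.get_payload(decode=True).decode("utf-8", "replace")
        for part in msg.walk() if part.get_content_maintype() == "text")
    return (sender in BLOCKED_SENDERS or subject in BLOCKED_SUBJECTS
            or any(host_blocked(h) for h in url_hosts(body)))

def route(raw, phishing_setting="protect", junk_hit=False):
    """Return (folder, verdict). Setting names are this example's own:
    'off', 'protect' (default: flag, keep in Inbox), 'move_to_junk'."""
    msg = message_from_string(raw)
    if phishing_setting != "off" and is_phishing(msg):
        folder = "Junk E-mail" if phishing_setting == "move_to_junk" else "Inbox"
        return folder, "phishing"
    # Not a confirmed phish: the junk e-mail settings decide.
    return ("Junk E-mail", "junk") if junk_hit else ("Inbox", "clean")

# Constructed sample message.
SAMPLE = ("From: Bank <alerts@bank.example>\nSubject: Statement ready\n\n"
          "Sign in at http://secure.LOGIN-VERIFY.example./reset, then confirm.\n")
```

The host check compares whole domain labels, so a listed domain also covers its subdomains, while a host that merely begins with a listed name does not match.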

Working with Filtered Mail

When Windows Mail receives a potentially malicious message, it immediately scans the message for any fraudulent links. If it does not detect such a link, Windows Mail will determine whether the message should go to the Inbox or to the Junk E-mail folder.

The first action that is actually visible to the user is the pop-up security window, where the user is given the opportunity to navigate to the Junk E-mail folder (where the message resides), navigate to the Junk E-mail Options page, or set Windows Mail such that it will never prompt on such an occurrence again.

