In addition to posing as a familiar face to the victim, these Web sites portray themselves as extremely security-conscious and require great levels of authentication before continuing. It is in the information provided for validation that the scammers reach their goal in gaining passwords, Social Security numbers (SSNs), and account numbers. Their ploy is to present themselves as everything that theyre not; secure, professional, and out for your best interests.
Windows Mail now boasts an additional tool to the typical arsenal of antimalicious mail weaponry, and that is the integration of Microsofts Phishing Filter. Initially a part of Internet Explorer and the MSN toolbar, the Phishing Filter automatically analyzes URLs presented to and clicked by the user in Windows Vista and compares them to a local copy of the blacklists maintained at Microsoft (these local copies are updated as part of Microsoft Update).
Windows Mail can take the Phishing Filter service even further by analyzing incoming messages to not only see whether the URLs listed in the body of the message are known for phishing, but also whether the actual links in HTML messages are the same as the URLs displayed to the user. Messages caught by the Phishing Filter can be accepted or rejected.
Scanning from the Start
In accordance with Microsofts continued effort to provide applications and platforms that are secure out of the box, the Phishing Filter built into Windows Mail is enabled by default. In fact, very few settings are available to the user. The only place to adjust settings for the filter is within the settings for the Junk Filter. You can access these settings via Tools | Junk E-mail Options.
Five tabs are exposed for configuring all junk-mail-related options, the last of these being the Phishing Filter.