Windows Vista's Phishing Filter: A User's Guide

“Phishing” is when an e-mail is sent with the intent of extracting personal information from the recipient. Typically, the information being sought is both personal and financial. As such, the authors of these phishing efforts typically disguise the e-mail as a very professional and courteous correspondence from a trusted source such as a bank, insurance company, or even educational institution. Within the body of the e-mail is a hyperlink to a fraudulent Web site which will present a similarly trusting face to the ensnared victim and then require perhaps two or three pieces of information to “update their database” or “process their re-enrollment.”

In addition to posing as a familiar face to the victim, these Web sites portray themselves as extremely security-conscious and require great levels of “authentication” before continuing. It is in the information provided for validation that the scammers reach their goal in gaining passwords, Social Security numbers (SSNs), and account numbers. Their ploy is to present themselves as everything that they’re not; secure, professional, and out for your best interests.

Windows Mail now boasts an additional tool to the typical arsenal of antimalicious mail weaponry, and that is the integration of Microsoft’s Phishing Filter. Initially a part of Internet Explorer and the MSN toolbar, the Phishing Filter automatically analyzes URLs presented to and clicked by the user in Windows Vista and compares them to a local copy of the blacklists maintained at Microsoft (these local copies are updated as part of Microsoft Update).

Windows Mail can take the Phishing Filter service even further by analyzing incoming messages to not only see whether the URLs listed in the body of the message are known for phishing, but also whether the actual links in HTML messages are the same as the URLs displayed to the user. Messages caught by the Phishing Filter can be accepted or rejected.

Scanning from the Start

In accordance with Microsoft’s continued effort to provide applications and platforms that are secure out of the box, the Phishing Filter built into Windows Mail is enabled by default. In fact, very few settings are available to the user. The only place to adjust settings for the filter is within the settings for the Junk Filter. You can access these settings via Tools | Junk E-mail Options.

Five tabs are exposed for configuring all junk-mail-related options, the last of these being the Phishing Filter.