10.4. The Phishing Filter: All Versions

The criminal mind knows no bounds. How else do you explain the clever nefariousness of phishing attacks?

In a phishing attack, you're sent what appears to be legitimate email from a bank, eBay, PayPal, or some other financial Web site. The message tells you that the site needs to confirm account information, or warns that your account has been hacked, and needs you to help keep it safe.

If you, responsible citizen that you are, click the provided link to clear up the supposed problem, you wind up on what looks like the bank/eBay/PayPal Web site. But it's a fake, carefully designed to look like the real thing; it's run by a scammer. If you type in your password and login information, as requested, the next thing you know, you're getting credit-card bills for $10,000 charges at high-rolling Las Vegas hotels.

The fake sites look so much like the real ones that it can be extremely difficult to tell them apart. (That's can be; on some of the phishing sites, spelling mistakes a fourth grader wouldn't make are a clear giveaway.) To make the site seem more realistic, the scam artist often includes legitimate links alongside phony ones. But if you click the login link, you're in trouble.

Internet Explorer 7's new phishing filter protects you from these scams. You don't need to do anything to turn it on; it's always running.

One day, though, when you least expect it, you'll be on your way to visit some Web site, and Internet Explorer will stop you in your tracks with a pop-up warning that you're about to open a "reported phishing website" (Figure 10-7).

Figure 10-7. Don't go there: Internet Explorer blocks you from visiting known phishing sites. It uses a variety of methods for determining what's a legitimate site and what's a phishing site, including getting updated lists of known phishing sites.


In that situation, click the green checkmark button to close the page. Do not click the red X button; it will send you through to the phony site.

If Internet Explorer isn't quite sure about a certain site's phishiness, but it has a funny feeling in its bones, a yellow button appears next to the Address bar that says, "Suspicious Website." Unless you absolutely know the site is legitimate, it's a good idea to head somewhere else.

10.4.1. Phine-Tuning the Phish Philter

There's not much to controlling the phishing-filter feature; you can turn it on and off and check a certain Web site to see if it's legitimate. Choose Tools → Phishing Filter to view the following options:

  • Check this Website. This command sends the address of the Web site you're visiting to Microsoft's computers, where it's checked against the massive real-time database of phishing sites.


    Note: The first time you try this command, you'll get a pop-up message that explains, for the sake of your privacy paranoia, that you're about to transmit anonymous information to Microsoft. Click OK to proceed; if you want the warning to never appear again, check the box next to "Don't show this again."

    After a moment, a message appears to let you know whether the site is legitimate, suspicious, or a phishing site. If it's legitimate, a box pops up telling you so (Figure 10-8, top); if it's suspicious or a phishing site, the warning appears in the Address Bar (Figure 10-8, bottom).

    Figure 10-8. Top: If you ask for a phishing check, Internet Explorer consults a Microsoft database. In this case, the site is legit.
    Bottom: Danger! You're sitting on a known phishing site. (This site was a particularly malicious one; if you clicked a link on it, the site would attempt to silently install a virus on your PC without your knowledge.)


    FREQUENTLY ASKED QUESTION
    Sherlock Explorer

    How does Internet Explorer know what's a phishing site and what's not?

    IE uses three bits of information to figure out whether a site is legitimate or a phishing site.

    Its first line of defense is a Microsoft-compiled, frequently updated database of known phishing sites that, believe it or not, sits right on your own hard drive. Whenever you head to a Web site, Internet Explorer consults that database. If the Web site appears in the list, you get the warning. (The database is compiled from several phish-tracking companies, including Cyota, Internet Identity, and MarkMonitor, as well as from direct user feedback.)

    Second, Internet Explorer uses heuristics, a sort of low-level artificial intelligence. It compares characteristics of the site you're visiting against common phishing-site characteristics. The heuristics tool helps IE recognize phishing sites that haven't yet made it into the database of known sites.

    Finally, Internet Explorer quietly sends addresses of some of the sites you visit to Microsoft, which checks them against a frequently updated list of reported phishing sites (not the database on your PC).


  • Turn Off/On Automatic Website Checking. This option sounds as if it turns off the phishing filter, but it really doesn't do that. Instead, it disables one of the lines of defense against phishing sites: sending a list of Web sites that you visit to Microsoft, to check against Microsoft's database.


    Note: Actually, Automatic Website Checking sends more than just the address of the site you're visiting to Microsoft. It also sends your computer's IP address, browser type, and phishing filter version number. It's transmitted in encrypted form. No information associated with the site is sent, like search terms you've used, information you've entered into forms, or cookies.

    However, you'll still be protected by the two other lines of defense (checking your own PC's database of phishing sites and heuristic checking).

    Microsoft says that it doesn't save the Web site addresses it collects, and can't associate them with you in any way. If you'd prefer not to transmit your whereabouts to Microsoft or anyone else, however, you can turn off this feature, with the understanding that you'll be a little more vulnerable to phishing attacks.

  • Report this Website. If you stumble onto a Web site that you think is a phishing site, click here. A new browser window opens; turn on "I think this is a phishing Website." Choose the language used by the site, and then click Submit.

    Also use this option in the opposite situation: when you're visiting what you know is a legitimate site, but that Internet Explorer identifies as a phishing site. Just above the Submit button are two choices: one for reporting that you don't think the Web site is a phishing site, and the other to report that you know it's not a phishing hole because you own it.

  • Phishing Filter Settings. When you select this option, the Advanced Internet Options dialog box opens, crammed with Internet Explorer settings covering virtually every aspect of the browser. To see the phishing filter settings, scroll way down, almost to the bottom of the list.

    Choose Disable Phishing Filter if you think you can spot the tricksters perfectly well on your own. The other options provide a second place where you can turn that sending-Web-site-information-to-Microsoft feature ("automatic website checking") on or off.
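
The three checks described in the "Sherlock Explorer" box, and what turning off Automatic Website Checking takes away, sketched as an added Python example. It is not Internet Explorer's code: the lists, the host names, the three heuristic rules, and the way the address is trimmed before it is sent are all assumptions made for illustration.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed sample data; not Microsoft's lists and not IE's real heuristics.
LOCAL_DB = {"login.bank-example.invalid"}   # tier 1: list stored on the PC
REMOTE_DB = {"paypa1-example.invalid"}      # tier 3: stands in for the online service
BRANDS = ("paypal", "ebay")                 # names a fake site might imitate

def is_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def heuristic_score(url):
    """Tier 2: count generic phishing traits in the address (assumed rules)."""
    parts = urlsplit(url)
    host = parts.hostname or ""
    registered = ".".join(host.split(".")[-2:])  # naive; ignores suffixes like co.uk
    score = 0
    score += is_ip(host)                      # raw IP address instead of a name
    score += parts.username is not None       # "brand.com@other-host" trick
    score += any(b in host and b not in registered for b in BRANDS)
    return score

def remote_lookup(url, sent_log):
    """Tier 3: send only scheme, host and path; query and fragment stay local."""
    p = urlsplit(url)
    sent_log.append(f"{p.scheme}://{p.hostname}{p.path}")
    return p.hostname in REMOTE_DB

def check(url, automatic_checking=True, sent_log=None):
    """Return 'phishing', 'suspicious' or 'legitimate' for one address."""
    sent_log = [] if sent_log is None else sent_log
    host = urlsplit(url).hostname or ""
    if host in LOCAL_DB:                      # known site: block outright
        return "phishing"
    if automatic_checking and remote_lookup(url, sent_log):
        return "phishing"
    if heuristic_score(url) >= 1:             # unknown but looks wrong: warn
        return "suspicious"
    return "legitimate"

if __name__ == "__main__":
    for u in ("http://login.bank-example.invalid/verify",
              "http://paypal.com.secure-example.invalid/",
              "https://www.paypal.com/signin"):
        print(u, "->", check(u))
```

With `automatic_checking=False`, the constructed address `paypa1-example.invalid` slips through as "legitimate", because only the online list knows about it and none of the sample heuristics fire.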




Windows Vista: The Missing Manual
ISBN: 0596528272
EAN: 2147483647
Year: 2006
Pages: 284
Authors: David Pogue
