IE8 and SmartScreen Filter

Original author: Eric Lawrence
  • Transfer
In Internet Explorer 7, we introduced a phishing filter that warns the user when trying to visit a site that is on the so-called “black list”. In addition, we work with partners to implement advanced certificate verification, which allows highlighting the address bar when a user visits a site with verified authentication. In addition to the phishing filter, Microsoft has also published training materials on detecting phishing scams, and has developed a strategy to prevent phishing attacks at different levels.

Based on the success of the filter, which blocks a million phishing attacks weekly for Internet Explorer 8, we developed the SmartScreen filter, which absorbed the phishing filter itself, as well as a number of new features:
  • Improved user interface
  • Improved performance
  • New heuristics and enhanced telemetry
  • Anti-Malware Support
  • Improved Group Policy Support

Improved user interface


To begin with, we simplified the work with the filter by integrating the selection into the dialog box for the first launch of IE. You can change the settings after that, through the Tools menu.

Further, the new SmartScreen lock page explains in plain language how to avoid getting to known insecure sites. Here is a screenshot of the warning, one of the phishing sites: The

image

link “Return to the home page” makes it easy to leave the unsafe site and continue surfing. If you ignore the SmartScreen warning by clicking “Ignore and continue,” the address bar will be red throughout your stay on the site, reminding you of a constant threat.

If you find a new phishing site, you can add it for analysis through the "Report insecure website" function in the Tools menu.

Improved performance


As part of our investments in improving IE performance, we have implemented several changes for the SmartScreen filter, in order to increase the speed and reduce its impact on the browser. Detection of unsafe sites occurs in parallel with the move, therefore, you can confidentially go around sites without looking for a compromise between performance and security.

New heuristics and enhanced telemetry


Due to the development of phishing sites and their systems for bypassing recognition and blocking, the SmartScreen filter has also evolved and now it can catch reptiles more efficiently. New heuristics developed with Microsoft research teams are able to evaluate more aspects of each web page and are more likely to detect suspicious behavior. These new heuristics, combined with improved telemetry, allow URL Reputation Services to identify and block phishing sites faster than ever.

In rare cases, SmartScreen will ask for feedback on a site with a dubious reputation, as shown in the screenshot:

image

The user's response about an unknown site will be saved by the SmartScreen web service, which quickly recognizes whether it should be blocked or not.

Anti-Malware Support


A SmartScreen filter is more than just an anti-phishing program. It helps block sites that distribute malware and other dangerous software that tries to attack your computer and steal personal information. There are many types of malware , and most of these programs can significantly affect your privacy and security. SmartScreen anti-malware is based on URL reputation - this means that it evaluates the servers responsible for the downloads and determines whether they are on the list of distributors of insecure content. Based on reputation, SmartScreen analysis works seamlessly with other anti-malware technologies like the Malicious Software Removal Tool , Windows Defender andWindows Live OneCare , to provide comprehensive protection against malware.

If you are caught by crooks spreading malware via the website, SmartScreen will block the page and inform the user about unsafe software:

image

On the other hand, if you click on the direct download link located on the already known system of a dangerous website, the Internet Explorer download dialog will interrupt the download to warn the user:

image

SmartScreen anti-maleware complements IE functionality that fights exploits in browser add-ons and helps protect you from a wide range of threats.

Group Policy Support


Group Policy can be used to enable or disable the SmartScreen filter for Internet Explorer users in a Windows domain controller. The new Group Policy feature allows domain administrators to prevent users from rejecting SmartScreen filter warnings. When Group Policy restrictions are enabled, the SmartScreen filter warning option is not displayed on the lock page and in the download window.

image

Personal data


As Dean's article emphasized , personal data is the main component of reliable surfing on the Internet. As with IE7, Microsoft helps users protect personal information from insecure sites. The URL data is transmitted to the SmartScreen service for analysis in encrypted form via HTTPS. Data does not store user IP addresses or personal information for identification. Since the security of user personal data is important for all Microsoft products and technologies.

conclusions


Internet criminals are increasingly using social engineering techniques for attacks, but we are working hard on tools that provide security on the web. IE8 SmartScreen is designed to combat both phishing and malicious sites, protecting your personal data and providing high-performance and safe surfing on the Internet.

Also popular now: