IE8 and SmartScreen Filter
In Internet Explorer 7, we introduced a phishing filter that warns the user when they try to visit a site on the so-called “blacklist”. In addition, we are working with partners to implement advanced certificate verification, which allows us to highlight the address bar when a user visits a site with verified identification. In addition to the phishing filter, Microsoft also published educational materials on detecting phishing scams, and also developed a strategy to prevent phishing attacks at various levels.
Based on the success of the filter that blocks the millions of phishing attacks weekly for Internet Explorer 8, we developed the SmartScreen filter, which absorbed the phishing filter itself, as well as a number of new features:
To begin with, we simplified the work with the filter, integrating the selection into the dialog box of the first launch of IE. You can change the settings after that, via the Tools menu.
Further, the new SmartScreen blocking page explains in an understandable language how to avoid getting to known unsafe sites. Here is a screenshot of a warning from one of the phishing sites:
')
The “Return to Home Page” link makes it easy to leave an insecure site and continue surfing. If you ignore the SmartScreen warning by clicking "Ignore and continue", the address bar will be red for the duration of your stay on the site, recalling the constant threat.
If you find a new phishing site, you can add it for analysis through the function “Report an unsafe website” in the Tools menu.
As part of our investment in improving the performance of IE, we implemented several changes for the SmartScreen filter, to increase the speed and reduce its impact on the browser. Detection of unsafe sites occurs in parallel with the movement, therefore, you can privately walk through the sites, not looking for a compromise between performance and security.
Due to the development of phishing sites and their systems of circumference recognition and blocking, the SmartScreen filter has also evolved and now it can catch reptiles more effectively. New heuristics developed by Microsoft research teams are able to evaluate more aspects of each web page and are more likely to detect suspicious behavior. These new heuristics combined with improved telemetry allow URL Reputation service to identify and block phishing sites faster than ever.
In rare cases, SmartScreen will ask for feedback on a site with a dubious reputation, as shown in the screenshot:
The user's response to an unknown site will be saved by the SmartScreen web service, which quickly recognizes whether to block it or not.
SmartScreen Filter is a little more than just an anti-phishing program. It helps block websites that spread malware and other dangerous software that attempts to attack your computer and steal personal information. There are many types of malware , and most of these programs can significantly affect your privacy and security. SmartScreen anti-malware is based on URL reputation - this means that it evaluates the servers responsible for downloads and determines if they are listed as unsafe content distributors. Based on reputation, SmartScreen analysis works in concert with other anti-malware technologies like Malicious Software Removal Tool , Windows Defender and Windows Live OneCare , to provide comprehensive protection against malware.
If you are hooked by villains who spread malware through a site, SmartScreen will block the page and inform the user about unsafe software:
On the other hand, if you click on the direct download link located on the dangerous site already known to the system, the Internet Explorer download dialog will stop downloading the user to warn:
SmartScreen anti-maleware adds IE functionality that fights exploits in browser add-ons and helps protect you from a wide range of threats.
Group Policy can be used to enable or disable the SmartScreen filter for Internet Explorer users in a Windows domain controller. A new Group Policy feature allows domain administrators to prevent users from rejecting SmartScreen filter warnings. When Group Policy restrictions are enabled, the SmartScreen filter warning rejection option is missing on the lock page and in the download window.
As emphasized in the article by Dina , personal data is the main component of reliable surfing the Internet. As with IE7, Microsoft helps users protect personal data from insecure sites. These URLs are transmitted to the SmartScreen service for analysis in encrypted form via HTTPS. The data does not store user IP addresses or personal information for identification. Since the security of personal data of users is important for all Microsoft products and technologies.
Internet criminals are increasingly using social engineering techniques to attack, but we are working hard on tools that provide security on the web. IE8 SmartScreen is designed to combat both phishing and malicious sites, protecting your personal data and providing high-performance and safe surfing on the Internet.
Based on the success of the filter that blocks the millions of phishing attacks weekly for Internet Explorer 8, we developed the SmartScreen filter, which absorbed the phishing filter itself, as well as a number of new features:
- Improved user interface
- Improved performance
- New heuristics and enhanced telemetry
- Anti-Malware Support
- Improved Group Policy Support
Improved user interface
To begin with, we simplified the work with the filter, integrating the selection into the dialog box of the first launch of IE. You can change the settings after that, via the Tools menu.
Further, the new SmartScreen blocking page explains in an understandable language how to avoid getting to known unsafe sites. Here is a screenshot of a warning from one of the phishing sites:
')
The “Return to Home Page” link makes it easy to leave an insecure site and continue surfing. If you ignore the SmartScreen warning by clicking "Ignore and continue", the address bar will be red for the duration of your stay on the site, recalling the constant threat.
If you find a new phishing site, you can add it for analysis through the function “Report an unsafe website” in the Tools menu.
Improved performance
As part of our investment in improving the performance of IE, we implemented several changes for the SmartScreen filter, to increase the speed and reduce its impact on the browser. Detection of unsafe sites occurs in parallel with the movement, therefore, you can privately walk through the sites, not looking for a compromise between performance and security.
New heuristics and enhanced telemetry
Due to the development of phishing sites and their systems of circumference recognition and blocking, the SmartScreen filter has also evolved and now it can catch reptiles more effectively. New heuristics developed by Microsoft research teams are able to evaluate more aspects of each web page and are more likely to detect suspicious behavior. These new heuristics combined with improved telemetry allow URL Reputation service to identify and block phishing sites faster than ever.
In rare cases, SmartScreen will ask for feedback on a site with a dubious reputation, as shown in the screenshot:
The user's response to an unknown site will be saved by the SmartScreen web service, which quickly recognizes whether to block it or not.
Anti-Malware support
SmartScreen Filter is a little more than just an anti-phishing program. It helps block websites that spread malware and other dangerous software that attempts to attack your computer and steal personal information. There are many types of malware , and most of these programs can significantly affect your privacy and security. SmartScreen anti-malware is based on URL reputation - this means that it evaluates the servers responsible for downloads and determines if they are listed as unsafe content distributors. Based on reputation, SmartScreen analysis works in concert with other anti-malware technologies like Malicious Software Removal Tool , Windows Defender and Windows Live OneCare , to provide comprehensive protection against malware.
If you are hooked by villains who spread malware through a site, SmartScreen will block the page and inform the user about unsafe software:
On the other hand, if you click on the direct download link located on the dangerous site already known to the system, the Internet Explorer download dialog will stop downloading the user to warn:
SmartScreen anti-maleware adds IE functionality that fights exploits in browser add-ons and helps protect you from a wide range of threats.
Group Policy Support
Group Policy can be used to enable or disable the SmartScreen filter for Internet Explorer users in a Windows domain controller. A new Group Policy feature allows domain administrators to prevent users from rejecting SmartScreen filter warnings. When Group Policy restrictions are enabled, the SmartScreen filter warning rejection option is missing on the lock page and in the download window.
Personal data
As emphasized in the article by Dina , personal data is the main component of reliable surfing the Internet. As with IE7, Microsoft helps users protect personal data from insecure sites. These URLs are transmitted to the SmartScreen service for analysis in encrypted form via HTTPS. The data does not store user IP addresses or personal information for identification. Since the security of personal data of users is important for all Microsoft products and technologies.
findings
Internet criminals are increasingly using social engineering techniques to attack, but we are working hard on tools that provide security on the web. IE8 SmartScreen is designed to combat both phishing and malicious sites, protecting your personal data and providing high-performance and safe surfing on the Internet.
Source: https://habr.com/ru/post/69050/
All Articles