Phishing Filter: frequently asked questions

This information applies to Windows Internet Explorer 7.

Here are answers to some common questions about Internet Explorer Phishing Filter.


What is phishing?

Online phishing (pronounced like the word fishing) is a way to trick computer users into revealing personal or financial information through an e‑mail message or website. A common online phishing scam starts with an e‑mail message that looks like an official notice from a trusted source, such as a bank, credit card company, or reputable online merchant. In the e‑mail message, recipients are directed to a fraudulent website where they are asked to provide personal information, such as an account number or password. This information is then usually used for identity theft.

What is Phishing Filter and how can it help protect me?

The Microsoft Phishing Filter is a feature in Internet Explorer that helps detect phishing websites. Phishing Filter runs in the background while you browse the web and uses three methods to help protect you from phishing scams. First, it compares the addresses of websites you visit against a list of sites reported to Microsoft as legitimate. This list is stored on your computer. Second, it helps analyze the sites you visit to see if they have the characteristics common to a phishing website. Third, with your consent, Phishing Filter sends some website addresses to Microsoft to be further checked against a frequently updated list of reported phishing websites.

If the site you are visiting is on the list of reported phishing websites, Internet Explorer will display a warning webpage and a notification on the Address bar. From the warning webpage, you can continue or close the page. If the website contains characteristics common to a phishing site but isn't on the list, Internet Explorer will only notify you in the Address bar that it might be a phishing website. Use of Phishing Filter is governed by the Microsoft Service Agreement. For more information, read the Microsoft Service Agreement online.

What information does Phishing Filter send to Microsoft?

When you use Phishing Filter to check websites automatically or manually, the address of the website you are visiting will be sent to Microsoft, together with some standard information from your computer such as your computer's IP address, browser type, and Phishing Filter version number. To help protect your privacy, the address information sent to Microsoft is encrypted using SSL and limited to the domain and path of the website you are visiting. Other information that might be associated with the web address, such as search terms, information you entered in forms, or cookies, will not be sent.

For example, if you visited the MSN search website at http://search.msn.com and entered "MySecret" as the search term, instead of sending the full address "http://search.msn.com/results.aspx?q=MySecret&FORM=QBHP", Phishing Filter would remove the search term and only send "http://search.msn.com/results.aspx".

Anonymous statistics about your use of Internet Explorer and Phishing Filter will also be sent to Microsoft, such as the time and total number of websites browsed since an address was sent to Microsoft for analysis. This information, along with the information described above, will be used to analyze and improve the Phishing Filter service. Microsoft will not use the information it receives to personally identify you. For more information about what information is sent and how it is used, see the Internet Explorer privacy statement.
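As an added illustration (not Microsoft's code and not part of the original FAQ), the sketch below models the address reduction and the order of checks described in the answers above, and records what would leave the computer in each case. The function names, the sample lists, host-level matching against the local list, and sending every unlisted address once consent is given are assumptions made for the example.

```javascript
// Added illustration; names, lists and matching rules are hypothetical.
const LOCAL_LEGITIMATE = new Set(["bank.example"]);              // constructed local list
const REPORTED = new Set(["http://phish.example/login.aspx"]);   // constructed online list

// Keep scheme, host and path only. The query string, fragment and any
// user:password part are dropped; a non-default port stays with the host
// (an assumption). Non-web or unparsable addresses return null.
function reduceForLookup(address) {
  let u;
  try {
    u = new URL(address);
  } catch {
    return null;
  }
  if (u.protocol !== "http:" && u.protocol !== "https:") return null;
  return `${u.protocol}//${u.host}${u.pathname}`;
}

// Returns the verdict plus everything that would have left the machine.
function checkSite(address, { consent, looksLikePhishing }) {
  const sent = [];
  const reduced = reduceForLookup(address);
  if (reduced === null) return { verdict: "not-checked", sent };

  // Local list of legitimate sites: nothing is sent.
  if (LOCAL_LEGITIMATE.has(new URL(reduced).hostname)) {
    return { verdict: "legitimate", sent };
  }
  // Online list: consulted only with consent, and only with the reduced address.
  if (consent) {
    sent.push(reduced);
    if (REPORTED.has(reduced)) return { verdict: "reported", sent };
  }
  // Local analysis of page characteristics, represented here by a boolean.
  return { verdict: looksLikePhishing ? "suspicious" : "none", sent };
}

// Constructed inputs: the FAQ's own search address plus made-up sites.
for (const [url, opts] of [
  ["http://search.msn.com/results.aspx?q=MySecret&FORM=QBHP", { consent: true, looksLikePhishing: false }],
  ["https://bank.example/account?id=7", { consent: true, looksLikePhishing: false }],
  ["http://phish.example/login.aspx?user=alice", { consent: true, looksLikePhishing: true }],
  ["http://phish.example/login.aspx?user=alice", { consent: false, looksLikePhishing: true }],
]) {
  console.log(url, "->", JSON.stringify(checkSite(url, opts)));
}
```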

Is Phishing Filter always on?

No. When you first install Internet Explorer, Phishing Filter only compares the addresses of the websites you visit against the list of legitimate websites that is saved on your computer. It also helps analyze the websites you visit to see if they have the characteristics common to a phishing website. No information is sent to Microsoft unless you choose to send it. The first time you visit a website that is not on the legitimate website list, you will be prompted to indicate whether you want to check websites automatically. If you choose this option, Phishing Filter will send certain website addresses to Microsoft to be checked against a frequently updated list of reported phishing sites and alert you about suspicious or reported phishing websites.

How do I check a website manually?

If you choose not to check websites automatically, Phishing Filter will display an icon on the Internet Explorer status bar. To check the website, click the icon, and then click Check this Website. You can also check websites from Internet Explorer by following these steps.

To manually check a website

  1. Open Internet Explorer by clicking the Start button, and then clicking Internet Explorer.

  2. Go to a website that you want to check.

  3. Click the Tools button, click Phishing Filter, and then click Check This Website.

What does it mean when a website is flagged as suspicious?

A website that is flagged as suspicious has some of the characteristics typical of phishing websites, and it is neither on the list of legitimate websites that is stored on your computer nor on the online list of reported phishing websites. The website might actually be legitimate, but you should not submit any personal or financial information to it unless you are certain that the site is trustworthy. When a website is flagged suspicious, the Internet Explorer Address bar will turn yellow and will display a message.

What does it mean when a website is flagged as a reported phishing site?

A reported phishing website is one that has been identified as fraudulent and reported to Microsoft. If you visit a reported phishing website, Internet Explorer will block the site, display an information page, and the Address bar will turn red.

One of the sites I visit is being flagged by Phishing Filter, but it's not a phishing website. What can I do?

If you believe that a website has been mistakenly flagged as a phishing site, do the following:

To report errors to Microsoft

  1. Open Internet Explorer by clicking the Start button, and then clicking Internet Explorer.

  2. Go to the website that is inaccurately being reported as a phishing website.

  3. Click the Tools button, click Phishing Filter, and then click Report This Website.

  4. Use the webpage that is displayed to report the error.

How do I report a phishing website?

To report a phishing website

  1. Open Internet Explorer by clicking the Start button, and then clicking Internet Explorer.

  2. Go to the phishing website.

  3. Click the Tools button, click Phishing Filter, and then click Report This Website.

  4. Use the webpage that is displayed to report the website.

Should I believe a website that tells me to ignore the Phishing Filter warning?

No. Phishing Filter uses reputable information to alert you to phishing and fraudulent websites. In addition, website owners can contact Microsoft if their websites are mistakenly flagged as phishing sites. If a website tells you to ignore Phishing Filter's warnings, do not ignore the warnings and do not enter any personal or financial information.

How does Phishing Filter avoid falsely identifying websites as phishing sites?

Phishing Filter only blocks sites that have been verified as phishing sites by reviewers at Microsoft or by employees at third-party data providers. Phishing Filter also offers a web-based feedback system to help users and website owners report any errors as quickly as possible. These reports are verified and mistakes are corrected.

Can I create a customized list of trusted sites for Phishing Filter?

Yes, corporate computer administrators and individual users can add websites to their list of trusted sites, and then turn Phishing Filter off for all websites in the Trusted Sites security zone.

To add a website to your list of trusted websites and turn Phishing Filter off for that site

  1. Open Internet Explorer by clicking the Start button, and then clicking Internet Explorer.

  2. Navigate to the website that you want to add to the list of trusted sites.

  3. Click the Tools button, and then click Internet Options.

  4. Click the Security tab, and then click Trusted sites.

  5. Click the Sites button.

  6. The website address should be shown in the Add this website to the zone box.

    • If the site is not a secure site (HTTPS), clear the Require server verification (https:) for all sites in this zone check box.

  7. Click Add.

  8. Click Close.

  9. On the Security tab, click Custom level.

  10. In the Security Settings dialog box, scroll to find Use Phishing Filter, and then click Disable.

  11. Click OK twice.

Why is Internet Explorer telling me that the Phishing Filter service is unavailable?

When the Phishing Filter service is not available, websites you visit during that time cannot be checked against an online list of phishing websites that have been reported to Microsoft. The service is unavailable if your computer loses its Internet connection. Make sure you are connected to the Internet and try again. If you are connected to the Internet but you haven't updated Internet Explorer recently, you might have an older version that is no longer supported by the Phishing Filter service. To check for updates, click the Tools button, and then click Windows Update or download the latest version from the Internet Explorer 7 webpage.

How do I turn Phishing Filter off?

To turn Phishing Filter off

  1. Open Internet Explorer by clicking the Start button, and then clicking Internet Explorer.

  2. Click the Tools button, click Phishing Filter, then click Phishing Filter Settings.

  3. Scroll to the Phishing Filter section under Security in the list of options, click Disable Phishing Filter, and then click OK.

    Phishing Filter will not check or warn you about phishing sites now.

How do I turn Phishing Filter back on?

To turn on Phishing Filter

  1. Open Internet Explorer by clicking the Start button, and then clicking Internet Explorer.

  2. Click the Tools button, click Phishing Filter, and then click Turn On Automatic Website Checking.

  3. Click Turn on automatic Phishing Filter, and then click OK.

What can I do to help protect myself from online phishing?

Here are some quick tips that might help protect you from online phishing:

  • Never give out personal information in an e‑mail, instant message, or pop-up window.

  • Do not click links in e‑mail and instant messages from strangers or any link that looks suspicious. Because even messages from friends and family can be faked, check with the sender to be sure they actually sent the message.

  • Only use websites that provide privacy statements or information about how they use your personal information.

  • Routinely review your financial statements and credit history and report any suspicious activity.

  • Keep Windows and Internet Explorer updated. For more information, see Get security updates for Windows.

What should I do if I think I've entered my personal or financial information into a phishing website?

Immediately doing the following might help:

  • Change the passwords or PINs on all your online accounts.

  • Place a fraud alert on your credit reports. Check with your bank or financial advisor if you're not sure how to do this.

  • Contact the bank or the online merchant directly. Do not follow the link in the fraudulent e‑mail.

  • If you know of any accounts that were accessed or opened fraudulently, close those accounts.

What do I do if I discover that I've been a victim of fraud?

Immediately doing the following might help:

  • File a report with the local police.

  • Place a fraud alert on your credit reports. Check with your bank or financial advisor if you're not sure how to do this.

  • Change the passwords or PINs on all your online accounts.

  • Contact the bank or the online merchant directly. Do not follow the link in the fraudulent e‑mail.

  • If you know of any accounts that were accessed or opened fraudulently, close those accounts.