New enhancements to Phishing Filter protection for IE

Hello, I’m John Scarrow and am the general manager for the Anti-Spam and Anti-Phishing Team at Microsoft. My team developed and runs the Microsoft Phishing Filter you’ve seen for the current beta of Internet Explorer for Windows Vista and Internet Explorer 7 for Windows XP, and I wanted to follow up on previous posts about the Phishing Filter to highlight some news from today. 

Today Microsoft announced agreements with three new data providers – Cyota Inc., Internet Identity and MarkMonitor – who will regularly supply information to us on thousands of confirmed phishing Web sites to help ensure the URL reputation service that helps power the Phishing Filter is running with the latest information on known attacks that the industry can provide. We use this information in combination with the information reported to us directly by our customers through the Phishing Filter itself to help quickly block known phishing scams once they are reported.  In fact, the service is actually updated several times an hour to help ensure the protection is pushed to users as quickly as possible.

For those of you familiar with how the service works, I should also say that we of course also still use machine-learning heuristics to scan pages for phishy characteristics to determine whether a warning is needed – which is particularly helpful in the space of time between when a phishing attack begins and when it gets reported to the service. But this dynamic reporting and blocking system for known bad sites is critically important for helping protect our customers and I’m excited that we’ve got some great new data providers on board to help.

Before you ask, these data providers won’t necessarily be the last or only companies that will provide this service for us – although we are anticipating great results with the data they can provide. So you know, we use a standardized process to work with interested organizations to determine opportunities to provide this kind of service to help feed our overall mix of data sources.  So, if you happen to know of a company or organization you think we should be working with, definitely let us know!

In related news, you may also be interested to know that, in addition to including the Phishing Filter technology in IE7, customers using Windows XP SP2 can also get the Phishing Filter with today’s final launch of the Phishing Filter Add-in for the MSN Search Toolbar – downloadable for free at But for those of you who are already beta testing IE7 and Windows Vista, you should already be seeing this filter protection, which will be even better now that we have Cyota, Internet Identity and MarkMonitor on board.

If you want to know more about the Phishing Filter, check out the home page for Anti-Phishing Technologies and if you want more details on today’s announcement, here’s today’s press release on the news:

- John