Microsoft Office 2003 SP2's antiphishing filter for Outlook

Unfortunately, most people aren't aware of how widespread or insidious phishing scams are, and often have a hard time telling if a link is legitimate or not.

To that end, the new Office 2003 Service Pack 2 update adds functions to Microsoft Outlook 2003's Junk E-mail Filter to help protect against phishing scams.

How it works

When Microsoft Outlook receives an email with hyperlinks in it, the email is checked by the Junk E-mail Filter to see if it might be coming from a spoofed address, or if the links in it are suspicious. If the links look suspicious -- even if the mail itself hasn't been tagged as spam -- the hotlinks in the mail are disabled. Clicking on one of them brings up the warning:

A bar at the top of the message reads:

Users then has to go through an extra step to open a possibly dangerous link. When doing so, they have the option to add the sender to a list of known good domains.

Because of the way the filter evaluates messages, it's sometimes a little overzealous, but Microsoft decided it was better to err on the side of caution.

For instance, I receive Favorite Search email once a day from eBay -- a report of what's currently matching all my most common eBay searches. The links in the message are "bounced" through the Doubleclick.net ad service. And, since Doubleclick.net isn't listed as a safe domain in my copy of Microsoft Outlook, the links in my Favorite Search email are blocked.

About the author: Serdar Yegulalp is editor of the Windows Insight.

MEMBER FEEDBACK TO THIS OUTLOOK SECURITY TIP

Can this feature be disabled? If so, how?
—David B.

********************

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Phishing and Email Fraud Protection Exchange 2007 out-of-office (OOF) feature adds usability and security Microsoft Outlook and Exchange Server 2003 Email Security Guide A Microsoft Outlook email security tutorial -- 8 tips in 8 minutes Microsoft Office 2007's native security and antiphishing tools New tools fight fraud and phishing Phishing protection primer Phishing: A whale of a problem for enterprises Three ways phishers are hooking you New phishing threat outpaces Netsky-P PhishTank casts its net for malicious email Antivirus Software and Virus Protection How file-level antivirus software can harm your Exchange Server Troubleshooting Outlook Web Access issues on a 64-bit system Microsoft Exchange Server security dos and don'ts How effective is tracking the IP address of an email hacker? Minimize remote and mobile Outlook Web Access (OWA) security risks Secure Edge Transport servers using the Security Configuration Wizard The six-layered secret of effective Exchange Server email filtering Microsoft Outlook and Exchange Server 2003 Email Security Guide How to install and configure an Edge Transport server for Exchange 2007 Process, compress and block Microsoft Outlook email attachments Microsoft Outlook Stop personal calendar appointments from showing on Exchange Server Relocating Outlook email messages on a hosted Exchange 2007 server Creating Meeting Workspaces in MOSS 2007 and Outlook 2007 Control Outlook 2007 in cached mode settings with group policies Sending poll questions through Exchange to non-Outlook users Sort Microsoft Outlook email messages by original date Performing advanced search queries in Microsoft Outlook 2007 Synchronized Exchange mobile device showing deleted appointment Group policy settings for Outlook 2007 in cached mode Problems creating Microsoft Outlook profile in Windows Vista Microsoft Outlook Research

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary greylist  (SearchExchange.com) Sender ID  (SearchExchange.com) Vouch by Reference (VBR)  (SearchExchange.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary

**********************

In Microsoft Outlook, go to Actions -> Junk E-mail -> Junk E-mail Options, and uncheck the box marked "Don't turn on links in messages that might connect to unsafe or fraudulent sites."
—Serdar Yegulalp, tip author

******************************************

Can this feature be turned off by a group policy object (GPO) setting?
—David L.

******************************************

There is a registry setting you can change for it through GPO:

HKCU\Software\Policies\Microsoft\Office\11.0\Outlook\Options\Mail

Create a DWORD named JunkMailEnableLinks and set it as follows:

1: Allow links in junk mail to be active.
0: Disable links in junk mail (default).

I don't think this setting works in Microsoft Outlook 2007, though.
—Serdar Yegulalp, tip author

******************************************

Is there a way to set this filter so that recipients -- and/or sites -- that I deem to be safe will have the links available (i.e., not blocked)?
—Michael O.

******************************************

If you receive an email from a domain that you know is safe, you can declare that domain exempt from the phishing filter within the message itself or from the Actions -> Junk E-mail menu option.

For instructions on how to do this, read Microsoft's "Get antiphishing and spam filters with Outlook SP2."
—Serdar Yegulalp, tip author

Do you have comments on this tip? Let us know.

Please let others know how useful this tip is via the rating scale below. Do you have a useful Exchange Server or Microsoft Outlook tip, timesaver or workaround to share? Submit it to our tip contest and you could win a prize.

Rate this Tip To rate tips, you must be a member of SearchExchange.com. Register now to start rating these tips. Log in if you are already a member. Submit a Tip DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.