| Q. | What is phishing? |
| A. | Online phishing (pronounced "fishing") is a way to trick computer users into revealing personal or financial information through an e-mail message or Web site. A common online phishing scam starts with an e-mail message that looks like an official notice from a trusted source, such as a bank, credit card company, or reputable online merchant. In the e-mail message, recipients are directed to a fraudulent Web site where they are asked to provide personal information, such as an account number or password. This information is then usually used for identity theft. |
| Q. | What is Phishing Filter and how does it help protect me? |
| A. | Microsoft Phishing Filter is a feature in Internet Explorer 7 (Beta) and the technology behind the Microsoft Phishing Filter add-in for MSN Search Toolbar. It is designed to help detect reported or suspect phishing Web sites. Phishing Filter uses three methods to help protect you from phishing scams: 1. | It compares the addresses of Web sites you visit to a list of sites reported to Microsoft as being legitimate. This list is stored on your computer. | 2. | As you are browsing, the filter uses artificial intelligence to help determine whether sites that it doesn't know have characteristics common to phishing sites. | 3. | Phishing Filter can send a Web site address (URL) to Microsoft to be checked against a frequently updated list of reported phishing Web sites. Phishing Filter sends Web site addresses to Microsoft only if you choose to allow this. If the site you are visiting is on this list of reported phishing sites, Internet Explorer or the MSN Search Toolbar will display a warning -- a notification on the Address bar will take you automatically to a warning Web page in IE7. The MSN Toolbar add-in displays a similar warning notification. From the warning Web page, you can continue or close the page. If the Web site has characteristics that are common to a phishing site but isn't on the list, Internet Explorer or the MSN Search Toolbar will notify with a yellow warning only in the Address bar that it is a suspicious phishing Web site. You can click on the notification for more information. |
|
| Q. | Is Phishing Filter on when I first install Internet Explorer 7 (Beta) and the Microsoft Phishing Filter add-in for MSN Search Toolbar? |
| A. | For IE 7 (Beta), parts of Phishing Filter are on by default when you first install IE 7. However, to take full advantage of the Filter’s up-to-the-hour, online, dynamic protection, users must elect to use it. In the final version of IE7, users will have the choice of selecting full use of the Phishing Filter upon installation. Phishing Filter does compare the addresses of Web sites that you visit against a list of Web sites reported as legitimate; this list is stored on your computer. It also analyzes the Web sites you visit to see if they have characteristics common to a phishing Web site. The first time you visit a Web site that is not on the list of legitimate Web sites, you will be asked whether you want Phishing Filter to check Web sites automatically. If you choose this option, Phishing Filter will send certain Web site addresses to Microsoft to be checked against a frequently updated list of reported phishing sites and will alert you about suspicious or reported phishing Web sites. If you choose not to check Web sites automatically, Phishing Filter will display an icon on the Internet Explorer status bar that you can use to check Web sites on a case-by-case basis. To check a Web site, click the icon, and then click Check this Web Site. You can also check any Web site from Internet Explorer by clicking Tools, selecting Phishing Filter, and then clicking Check This Web Site. In the MS Phishing Filter add-in for MSN Search Toolbar, users must elect to use the feature. No information will be sent to Microsoft, but users cannot take advantage of the MS Phishing Filter unless they elect to do so. |
| Q. | What does it mean when a Web site is flagged as "suspicious"? |
| A. | A suspicious Web site has some of the typical characteristics of phishing Web sites, but it is not on the online list of reported phishing Web sites or on the list of legitimate Web sites that is stored on your computer. The Web site might be legitimate, but you should be cautious about entering any personal or financial information unless you are certain that the site is trustworthy. |
| Q. | What does it mean when a Web site is flagged as a "reported" phishing Web site? |
| A. | A reported phishing Web site is one that has been confirmed by reputable sources as fraudulent and has been reported to Microsoft. |
| Q. | What information does Phishing Filter send to Microsoft? |
| A. | Phishing Filter uses an SSL Web connection to send Web site addresses to Microsoft. For more information about what data is sent and how it is used, see the Internet Explorer privacy statement or the MSN privacy statement. |
| Q. | One of the sites I visit is being flagged by Phishing Filter, but it's not a phishing Web site. What can I do? |
| A. | In IE 7, if you believe that a Web site has been mistakenly flagged as a phishing site, click Tools, and then click Report This Web Site. Use the Web page that is displayed to report the error. In the MSN Toolbar, click the Report link in the red bar to report the page for further analysis and verification by the MS Phishing Filter service. |
| Q. | How do I report a phishing Web site? |
| A. | In IE 7, to report a phishing Web site from Internet Explorer, click Tools, and then click Report This Web Site. Use the Web page that is displayed to report the Web site. To report a phishing Web site from the Phishing Filter add-in for MSN Search Toolbar, click the list next to the Phishing Filter icon on the toolbar, and then click Report this website. On the Phishing Filter Feedback Web page, click to enable the I have reason to believe that this URL is a phishing site button, and then click Submit. |
| Q. | How do I turn off Phishing Filter? |
| A. | In Internet Explorer 7, on the Tools menu, click Phishing Filter, and then click Settings. Under Phishing Filter, click Turn Off Phishing Filter. Phishing Filter will no longer check or warn you about phishing sites. In MSN Search Toolbar, click the Phishing Filter button with the shield and click Phishing Filter Options. There, you can turn off Phishing Filter or uninstall the add-in. You can also uninstall the add-in from the control panel of Windows XP, by selecting Add-Remove programs. |
| Q. | How do I turn Phishing Filter back on? |
| A. | In Internet Explorer 7, on the Tools menu, click Phishing Filter, and then click Turn On Automatic Checking. In MSN Search Toolbar, this is turned on by default when you install the add-in. You can turn it off by clicking the Phishing Filter button with the shield and then clicking Phishing Filter options. To turn it back on, click the MSN logo button and then click MSN Search Toolbar Options. Click the menu item labeled Phishing Filter and check the box to turn Phishing Filter back on |
| Q. | What can I do to help protect myself from online phishing? |
| A. | Here are some quick tips: | • | Be defensive with your personal information. Be cautious about providing sensitive data in an e-mail message, instant message, or pop-up window. | | • | Be wary of clicking links in e-mail messages and instant messages. | | • | Frequent Web sites that provide privacy statements or information on how they help protect your personal information. |
|
| Q. | What should I do if I think I've entered my personal or financial information into a phishing Web site? |
| A. | Immediately do the following: | • | Change the passwords or PINs on all your online accounts. | | • | Place a fraud alert on your credit reports. Check with your bank or financial advisor if you're not sure how to do this. | | • | Contact your banks and online merchants directly. Do not follow links in fraudulent e-mail messages. | | • | Close any accounts that have been fraudulently accessed or opened. |
|
| Q. | What should I do if I discover that I've been a victim of fraud? |
| A. | Immediately do the following: | • | File a report with the local police. | | • | Place a fraud alert on your credit reports. Check with your bank or financial advisor if you're not sure how to do this. | | • | Change the passwords or PINs on all of your online accounts. | | • | Contact your bank and online merchants directly. Do not follow links in fraudulent e-mail messages. | | • | Close any accounts that have been fraudulently accessed or opened. | | • | Get detailed information on identity theft and what to do if you're a victim from the Better Business Bureau and the Federal Trade Commission (FTC). |
|
Q.
A. | |
