This week, Microsoft gave more details about the enhanced phishing protection in their new Windows 11 version 22H2.
Microsoft is adding a useful phishing protection to Windows Defender, called SmartScreen. It’s currently an add-on for Windows 11 users on version 22H2 but it doesn’t yet support Windows 10.
Windows 11 SmartScreen
Windows SmartScreen is a feature of Windows, Internet Explorer, and Microsoft Edge. As per this Microsoft FAQ document, it sends warnings to browser users when they start to access scam websites. Previously known as a site reputation screening service, SmartScreen is an important tool for protecting the efficiency and safety of your browsers.
Windows SmartScreen is a great program that’s installed by default on Windows version 22H2. It provides additional protections against phishing-style attacks.
For example, Microsoft’s SmartScreen feature in Windows 11 has the ability to warn end users about any websites that are considered unsafe, like if Microsoft detects a password given on the website as being compromised. In some cases, it will prompt the user to change their password after visiting these websites.
Here’s how Sinclaire Hamilton, a product manager on the Web Defense team at Microsoft, described this capability when announcing it:
SmartScreen automatically notifies you if your password is unsafe and saves your company from possible security breaches. In two ways, SmartScreen gives you a heads up that your password needs to be changed. First, we let you know right away by showing a pop-up message when you try to login. Second, we automatically report any unsafe password usage to IT through MDE’s reporting portal.
Microsoft Defender SmartScreen protects users from unsavory content in Microsoft’s apps, like Windows Notepad or WordPad. Attempting to save passwords is considered unsafe and can cause your data to be vulnerable to hackers.
Windows 11 comes with its fair share of improvements and changes, but Alerts and Logs are still two of the most important things.
Microsoft Defender SmartScreen lets you choose what types of phishing alerts you want. You can set it to notify end-users, warn them of password reuse, unsafe apps and more. The document, “Microsoft Defender SmartScreen Guide” is full of helpful tips, tricks and more.
“We recommend that you enable all four settings, as doing so will alert your users for all possible security scenarios,” Hamilton wrote.
One feature, “Service Enabled,” automatically changes the end user’s password on a specific date in the future. This is turned on by default. When it is enabled, though, users don’t get notifications.
The situation was explained in a document: “Users won’t see any notifications for any protection scenarios when Enhanced Phishing Protection is in Audit Mode.”
Unfortunately, it turns out the four phishing settings can only be configured for organizations with Windows 7 or older. Microsoft’s Kris Debkowski mentions this in the comment section of their announcement, and suggests checking out a Microsoft document that says Windows 10 is unsupported.
This alert needs to be licensed.
IT departments are probably looking forward to using the Microsoft Defender SmartScreen feature with Windows 11 version 22H2. However, they’ll need E5-type licensing to get full access to the alert said of it.
Susan Bradley, Microsoft’s Most Valuable Professional, asked Hamilton how she would know if a potential software buyer is interested in the “beating heart” of the technology vendor.
All Windows 11 Enterprise customers can take advantage of Enhanced Phishing Protection, and to get access to the warnings you must have a license that provides you access to the M365 Defender security portal.
Microsoft provides enhanced phishing protections to all Windows 11 v22H2 users. Organizations that want to see phishing prevention reports will need E5 licensing.
There are two Microsoft Defender for Endpoint plans, called Plan 1 and Plan 2. Plan 1 is included with E3/A3 Microsoft 365 subscriptions. Plan 2 is available with E5/A5 subscriptions.
One of our partnering AgileIT representatives has written a blog post that explains, “Plan 2 of the product will remain a free offering for those who have purchased E5.” Plan 2 can also be bought as a standalone product at $5.20 per user, per AgileIT.
