Freigeben über


Event 1035 - Anti-Phishing

Applies To: Windows 7, Windows Vista

Phishing is a way to trick computer users into revealing personal or financial information through an e-mail message or a Web site. A common phishing scam starts with an e-mail message that looks like an official notice from a trusted or reputable source, such as a bank, a credit card company, or an online merchant. In the e-mail message, recipients are directed to a fraudulent Web site where they are asked to provide personal information, such as an account number or password. Microsoft is committed to protecting Internet users worldwide from becoming victims of phishing scams by promoting valuable consumer education, industry collaboration, legislation, enforcement, and technology innovation.

How the SmartScreen Filter Works

The SmartScreen Filter compares the addresses of Web sites that a user attempts to visit to the list of reported and confirmed phishing sites, stored on the user's computer. The SmartScreen Filter also analyzes sites for characteristics common to phishing sites, and, if the user enables it, sends the addresses of visited sites to Microsoft to be verified against a frequently updated list of confirmed phishing sites.

The SmartScreen Filter works with Windows® Internet Explorer® 8 to provide two types of feedback about whether a Web site is a known or potential phishing threat.

  • Blocked Web Site. This message appears to the user if reputable sources have confirmed that the Web site is a known phishing threat. The user is advised to not proceed to the site.

  • Suspicious Web Site. This message appears to the user if reputable sources have not yet confirmed that this is a fraudulent Web site, but the site conforms to the characteristics associated with a phishing threat. The user is advised to proceed with caution.

When Is This Event Logged?

This event is logged when Internet Explorer detects a suspicious Web site.

Note

For more information and examples, see the Event 1035-Anti-Phishing topic from Internet Explorer Application Compatibility.

Remediation

The following sections discuss the reasons for which the SmartScreen Filter might flag a URL, guidelines to prevent false URL warnings, and the process by which you can dispute a false warning.

Best Practices to Prevent False URL Warnings

We recommend the following to help prevent SmartScreen Filter flagging.

  • Collect personal information using pages that use secure HTTP (HTTPS) only.

  • Verify that your Web site is secure from outside attacks by maintaining updated firewalls, and by installing all required security updates. Additionally, verify that your virus-detection software is current and that your server is virus free.

  • Verify that you are protected from cross-site scripting attacks. For more information about this vulnerability, see How To: Prevent Cross-Site Scripting in ASP.NET.

  • Verify the reliability of your external or third-party hosted content, including verifying that it is secure and from a trusted source.

  • Use a reputable domain name and avoid using an IP address.

  • Verify that you are running the most recent version of Internet Explorer 8.

Correcting a False Warning from the SmartScreen Filter

If you believe your Web site is incorrectly labeled as suspicious or blocked, you can submit a dispute request by using the feedback process built into the SmartScreen Filter.

To submit a dispute request

  1. Click Report whether or not this is an unsafe website in the Suspicious website dialog box.

    The Report Website page appears.

Note

You will see the Suspicious website warning or the Reported Phishing Website block page if the SmartScreen Filter determines that a page is suspicious, or if the Web site appears in the known list of phishing sites from the SmartScreen Filter online-reputation service.

  1. Select I am the owner or representative of this website and want to report an incorrect warning on my website, and then click Submit.

  2. Microsoft escalation reviewers inspect the URL, assigning a grade that begins an automated process that corrects the error, confirms the original designation, or escalates it for further review.

Important

All disputes should be submitted through the Web site reporting process to ensure the quickest resolution.

Failure to Resolve a False Warning from the SmartScreen Filter

The primary and most efficient process for disputing and resolving an incorrect designation is to use the dispute resolution tool built into the SmartScreen Filter. If the e-mail response that you receive from the SmartScreen Filter Support team does not resolve your issue, reply by e-mail to instigate a secondary investigation of the reported URL(s). If this process does not satisfactorily resolve your issue, contact your Microsoft account manager for further options.

See Also

Concepts

Known Internet Explorer Security Feature Issues