You shall not phish! Microsoft launched the Windows 11 2022 Update with ample fanfare last week, adding in a whole bunch of new features and additions to its operating platform.
There’s new stuff for practically everyone in this new release.
And one thing that almost every single user can appreciate is a little tightening of security, what with all manner of threats out there in the wild. To that end, here is one improvement that is sure to go a mile when it comes to keeping users protected.
Enhanced Phishing Protection is what the company is calling its latest addition.
This is a tool designed to identify malicious sites and apps that attackers use to access login credentials. Whenever this tool detects something fishy at play, it automatically notifies the admin via Microsoft Defender for Endpoint.
Sinclair Hamilton explains in a new Tech Community blog post:
“Enhanced phishing protection is baked into the Windows 11 operating system and automatically detects when users type their password into any app or site. Windows understands in real-time whether that app or website has a secure connection to a trusted website; if not, Windows will let users know if they’re in danger. That means admins can know exactly when a password has been stolen and be equipped to better protect your organization. When Windows 11 protects against one phishing attack, that threat intelligence cascades to protect other Windows users interacting with other apps and sites that are experiencing the same attack as well.”
So, how does Enhanced Phishing Protection work, you wonder?
Windows first analyzes where you enter your password, then uses SmartScreen to decipher the authenticity of the application or website. If it discovers something, it then instantly responds immediately and alerts the user that they are required to change their password.
This is regardless of whether they are using a Microsoft Account, Active Directory, Azure Active Directory, or local password. The tool also quickly notifies the IT admin of the incident through the MDE portal for further investigation and mitigation of the issue.
The feature is currently accessible to users who have upgraded to the 22H2 release of Windows 11.
That said, commercial customers that want to receive the Enhanced Phishing Protection alerts in the M365 Defender security portal, can also do so as long as their license has Microsoft 365 Defender security portal access.