How to Fight Phishing in Internet Explorer

By Dan Gookin

Phishing is a scam. It begins with an email that compels the recipient to provide personal (e.g. Social security number) or financial information (e.g. account numbers) via email or a website. Like most modern web browsers, Internet Explorer features an anti-phishing filter. The filter is used to flag known phishing websites as well as to report suspect sites. The filter is probably on already.

For versions of Internet Explorer before version 8, you can confirm that the Phishing Filter is active by following these steps:

  1. Choose Tools→Phishing Filter→Turn On Automatic website Checking.

    If you see Turn Off Automatic website Checking, the anti-phishing filter is on already; there’s nothing else for you to do.

  2. In the Microsoft Phishing Filter window, choose Turn On Automatic Phishing Filter (Recommended).

  3. Click OK.

When the phishing filter is on, it flags suspect web pages for you automatically. The Address bar turns red in Internet Explorer, and you see a message displayed. Choose the option Click Here to Close This webpage.


When you encounter a website you suspect of phishing but it’s not flagged, you can test it and report it. To test a website for a potential phishing scam in Internet Explorer 8, choose Safety→SmartScreen Filter→Check This Website. In older versions of Internet Explorer, choose Tools→Phishing Filter→Check This website.

You see an information dialog box asking you to confirm the website address and to ensure that it was what you were suspecting. Click OK to dismiss the dialog box.

If the website looks bad and hasn’t been reported yet, you can report it yourself: In Internet Explorer 8, choose Safety→SmartScreen Filter→Report Unsafe website. In older versions of Internet Explorer, choose Tools→Phishing Filter→Report This website.

Information about the site is sent to Microsoft. If the website is confirmed as a phishing site, the site address is added to several lists, and web browsers using phishing filters are blocked from accessing the site.