Phishing has been the most popular type of hacking attack over the past few weeks, with companies like LastPass, Uber, and Rockstar Games all falling victim to this type of hacking attack recently. Although avoiding phishing scams generally involves using a lot of common sense, there is software and technology available to keep you safe from these types of attacks, such as Windows’ latest update.
The Windows 11 22H2 update has been released, bringing an interesting security feature called “Enhanced Phishing Protection,” which was created in order to help Windows users protect their passwords more efficiently.
Whenever Windows users enter their passwords in a place where it isn’t necessary or recommended, Enhanced Phishing Protection will give a warning. Here’s how it works:
Enhanced Phishing Protection
The newest feature in the Windows 11 22H2 update works alongside Windows security protections and helps protect any work or school passwords typed to sign into Windows 11 in 3 ways:
- If you type your password on any Chromium browser into a site deemed malicious by Microsoft Defender SmartScreen, Enhanced Phishing Protection will alert you. It will also prompt you to change your password in order to secure your account from potential hackers.
- Enhanced Phishing Protection will warn you if you reuse your work or school Microsoft password on sites and apps, prompting you to change your password. Reusing passwords can make it easier for attackers who compromise one user’s password to gain access to multiple accounts.
- Enhanced Phishing Protection will also warn you if you store any passwords in Notepad, Word, or any Microsoft 365 Office app. Since it’s not safe to store plaintext passwords in text editors, Microsoft will recommend you delete your password from these types of files.
This kind of protection is great not just for personal computers, but for work applications. Since Windows login credentials can be especially valuable to hackers if they belong to someone within an organization, infiltrating one computer could grant a hacker access to the whole network. That’s why it’s important to keep your version of Windows 11 up-to-date and to make sure Enhanced Phishing Protection is enabled.
More Benefits of Enhanced Phishing Protection
Windows is taking a proactive approach when it comes to protecting passwords. Here are some additional benefits of Enhanced Phishing Protection:
- Anti-phishing support: A lot of phishing attacks occur by tricking users into accessing imitations of safe content and entering their credentials. EPP is trying to combat that by helping to protect users from reported phishing sites by evaluating URLs a site or app is connecting to, along with other characteristics, in order to find out if they are known to distribute or host unsafe content or scams.
- Secure operating system integration: Since EPP is integrated directly into Windows operating system, it can understand any user’s password entry context (like process connections, URLs, and certificate information) in any browser or app. Because it has advanced insight into what is happening at the operating system level, EPP can identify when users type their password in an unsafe location. On top of that, if users happen to use their password in an unsafe manner, this feature will prompt users to change their password in order to minimize any chances of their compromised passwords being leveraged against them.
- Track Password Security with Microsoft Security Suite: Since EPP is constantly learning from phishing attacks seen throughout Microsoft’s security stack, it works alongside other Microsoft security products in order to provide a layered approach to password security. This is especially useful for companies early in their password-less authentication adoption. If your company uses Microsoft Defender for Endpoint, you’ll have access to valuable phishing sensor data in the Microsoft 365 Defender Portal, which lets you view alerts and reports for unsafe password usage in your environment.
- Managing Enhanced Phishing Protection: EPP works with your organization’s Group Policy and mobile device management settings. You’ll be able to customize which phishing protection scenarios will show users a warning depending on how you set up your EPP. It’s important to make sure this step is set up properly by a knowledgeable IT service technician.
Setting up Enhanced Phishing Protection
Since Enhanced Phishing Protection is set to audit mode by default, you’ll have to make some changes to settings if you want to truly protect your company. Audit mode prevents notifications to users for any protection scenarios. This means users won’t be warned if they enter work or school credentials into a phishing site, if they reuse their password, or if they unsafely store passwords in an application.
Since these are all scenarios in which you’re trying to protect your company, it’s recommended that you configure Enhanced Phishing Protection to warn users during all protection scenarios.
Visit Microsoft’s Enhanced Phishing Protection tutorial to find out which security settings are recommended for your company.
Tech Support for Enhanced Phishing Protection
Are you trying to enable Enhanced Phishing Protection for your organization? Whether you have questions about installing the latest Windows 11 version 22H2 update, enabling Enhanced Phishing Protection, selecting the right settings, or performing a network security audit – Computer Service Now can help you today.
With over 35 years of experience providing on-site IT services to businesses around the southwest Ohio region, we are sure we can find a solution that works for your organization. Our network security packages offer you an easy and hassle-free solution to keeping your network safe from data breaches, ransomware attacks, and other cybersecurity concerns.
With a free consultation available, we will work with any existing IT staff to help them come up with better solutions to existing problems, manage any security vulnerabilities, and provide assistance with any other computer or network issues your organization is struggling with. Due to our advanced level of technicians, we are confident we will find a solution that works for you and your budget.
Contact us today at 513-422-1907 or visit our website to learn more about our variety of services that allow us to provide the support you need to keep your business running smoothly.
