Microsoft is bringing new features to its Windows 11 Enhanced Phishing Protection tool, notifying users if they copy and paste their passwords into files and login pages, type their password into a malicious website, or reuse the same password for other accounts.
Available in Windows 11 22H2, the Enhanced Phishing Protection tool in Microsoft Defender is designed to help protect your Windows passwords against phishing and malicious uses on dodgy websites.
Threat actors gain access to private accounts, websites and business networks by stealing user login credentials. Using phishing attacks or infostealer malware, hackers can trick users into mistakenly sending over passwords – giving them access to sensitive information and banking details.
The Windows 11 Enhanced Phishing Protection aims to thwart phishing attempts from attackers by notifying users of any risks of sharing their credentials. Previously, it warned users about suspicious activity when manually typing their Windows password into a document or website. However, it wouldn’t notify users if they copied and pasted their passwords.
With Windows 11 Insider Dev build 23506, Microsoft’s security tool will now detect copy and paste for Windows passwords. That said, you may not know that you have it on your PC, and you must switch it on for it to work. Read on to discover what it can do and how to turn it on.
What does Windows 11 Enhanced Phishing Protection do?
Microsoft’s Enhanced Phishing Protection is part of Microsoft Defender SmartScreen and aims to stop user passwords from being stolen by phishing attacks.
As Microsoft’s support document states, it can help protect passwords in three ways.
1. “If you type your Microsoft account password into a site that SmartScreen finds malicious, Enhanced Phishing Protection will alert you. It will also prompt you to change your password so attackers can’t gain access to your account.”
2. “Reusing the same password makes it easy for attackers who compromise your password to gain access to your other accounts. Enhanced Phishing Protection can warn you if you reuse your Microsoft account password on other sites or apps and prompt you to change your password.”
3. “Since it’s unsafe to store your password in text editors, Enhanced Phishing Protection can warn you if you type your password into Notepad or a Microsoft 365 Office application like Word or OneNote.”
It’s important to note that this protection tool only works on Microsoft products. This means the Windows 11 Enhanced Phishing Protection won’t be able to detect typed passwords in third-party apps like Notepad++. It also won’t work if you use Windows Hello to sign in to your device.
Phishing attacks and scams happen regularly, so it’s worth turning it on.
How to turn on Windows 11 Enhanced Phishing Protection?
Windows 11’s Enhanced Phishing Protection can be found in the Windows Security app, and all you have to do is flip the switch. Find out how below:
1. In the taskbar search field, type “reputation”.
2. Click on Reputation-based protection.

3. Under Phishing protection, click the switch to turn on Enhanced Phishing Protection.

4. Select other features you wish to turn on.
There you have it. As Microsoft notes, only the typed password used to sign into Windows 11 can be protected. Regardless, it’s worth turning on to keep your device safe, along with other accounts that may use a similar password.
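On managed PCs the same protections can be set by policy rather than by the switch above. The read-only PowerShell check below is an added example, not part of the original article or Microsoft's own code; it reports which of the three warnings are enforced by policy. It assumes the policy values live under the WTDS\Components registry key used by the Enhanced Phishing Protection group policy settings, and the function name is hypothetical.

```powershell
# Added example: read-only audit of Enhanced Phishing Protection policy values.
# Assumption: policy-managed settings are stored under the key below.
# The Windows Security app switch on an unmanaged PC is not read by this script.
$PolicyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WTDS\Components'

# Policy value name -> the protection it controls
$Settings = [ordered]@{
    ServiceEnabled      = 'Enhanced Phishing Protection service'
    NotifyMalicious     = 'Warn when the password is typed into a malicious site'
    NotifyPasswordReuse = 'Warn when the password is reused on other sites or apps'
    NotifyUnsafeApp     = 'Warn when the password is typed into Notepad or Office apps'
}

# Hypothetical helper name; returns one object per policy value.
function Get-PhishingProtectionPolicy {
    param([string]$Path = $PolicyKey)

    # The key is absent when no policy has been applied.
    $values = $null
    if (Test-Path -LiteralPath $Path) {
        $values = Get-ItemProperty -LiteralPath $Path
    }

    foreach ($name in $Settings.Keys) {
        # A missing value means the setting is left to the user's own choice.
        $raw = $null
        if ($values) { $raw = $values.$name }

        if ($null -eq $raw) {
            $state = 'Not configured by policy'
        } elseif ($raw -eq 1) {
            $state = 'Enabled'
        } else {
            $state = 'Disabled'
        }

        [pscustomobject]@{
            Setting    = $name
            Protection = $Settings[$name]
            State      = $state
        }
    }
}

Get-PhishingProtectionPolicy | Format-Table -AutoSize
```

A result of “Not configured by policy” for every row means the switches in the Windows Security app decide the behaviour on that PC.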
What is Phishing?
Phishing is a form of cybercrime where attackers will trick unsuspecting victims into sending sensitive information or installing malware on their devices. It involves contacting victims via email, text message or telephone and posing as a legitimate company or individual seeking information to benefit the victim. Malicious actors will use social engineering techniques to convince unsuspecting victims they are real.
If you received an email that looks suspicious, you aren’t alone. Scammers often send millions of phishing emails, thousands at a time, to trick recipients, with malicious messages being sent to email addresses found through social profiles or via data breaches. These email scams are widespread, meaning attackers cast a wide net to see how much they can reel in.
Phishing attacks commonly use links in messages to dodgy websites or PDF attachments with malware to quickly gain unauthorised access to user accounts or steal valuable information.
Hackers will also resort to installing malicious software, including spyware, ransomware, adware and more, onto a victim’s device to cause more damage.
With phishing scams on the rise, it’s best to use proper protection to fend off any suspicious messages you receive. This includes Windows 11 Enhanced Phishing Protection, but there are other tools you can use, too.
Use antivirus software to stop phishing
One of the best antivirus software services will stop phishing in its tracks. Many high-standard AV products offer near-perfect scores when detecting and protecting against malware, meaning even complex malicious software can’t go unnoticed in messages or emails.
Messages from scammers can contain harmful links or attachments filled with malware, which you never want on your device. The good news is you can let one of the best antivirus software services do all the legwork for you, as they have security and privacy features to protect your accounts.
Services such as Avast One, Bitdefender, Norton 360 and more have protection tools that block malicious email addresses, links and attachments. To make sure you block malware from scams that could damage your device, and to keep yourself safe from threat actors hacking your phone through texting and more, set yourself up with an antivirus.