Enable or disable links and functionality in phishing e-mail

Phishing is the malicious practice of luring you into disclosing your personal information, such as your bank account number and account password. Often phishing messages are sent from a deceptive e-mail address and contains unreliable links to spoofed Web sites that urge you to submit your personal information. This information is used by criminals to steal your identity, your money, or both. Learn more about phishing schemes.

In this article


How Microsoft Office Outlook 2007 detects phishing messages

Because it can be hard to distinguish a phishing e-mail message from a legitimate e-mail message sent, for example, by your bank, the Junk E-mail Filter evaluates each incoming message to see if it is suspicious, contains suspicious links, or was sent from a spoofed (fake) e-mail address. Suspicious message detection is always turned on. If the filter determines a message is suspicious, the message is sent to the Junk E-mail folder, the message format is changed to plain text format, and the links in the message are disabled.

Junk E-mail Options dialog box

Callout 1 Junk E-mail Filter spam protection settings
Callout 2 Junk E-mail Filter phishing protection settings

Disable links and other functionality in phishing messages     This option disables links and the Reply and Reply All functionality in phishing messages. Read the next section for details.

Warn me about suspicious domain names in e-mail addresses     This option warns you when a domain name (@example.com) uses certain characters to make it appear to be a well-known brand or Web site. The intention is to trick you into thinking it is a legitimate e-mail address when in fact it is spoofed.

 Note   Phishing protection still works even if you turn off spam detection by selecting the No Automatic Filtering option.

Top of Page Top of Page

What does Office Outlook 2007 do to phishing messages?

By default, Outlook does the following to a suspicious message:

InfoBar

To move a message back to the Inbox, click the InfoBar and then click Move to Inbox.

InfoBar menu

  • Moving spam messages out of the Junk E-mail folder    If a message is considered to be only spam, when you move it out of the Junk E-mail folder its links and functionality will be enabled, and the original message format will be restored.
  • Moving phishing messages out of the Junk E-mail folder    If a message is considered to be phishing, when you move it out of the Junk E-mail folder, the original message format is restored but the links the message contains remain disabled by default. In addition, the Reply and Reply All functionality remains disabled and any attachments in the message remain blocked by default.
  • If the Junk E-mail Filter considers the message to be both spam and phishing, but if the sender (someone@example.com) or domain (@example.com) is on your Safe Senders List, the message is left in the Inbox, but the links, attachments, and functionality in the message are disabled by default.
  • If the Junk E-mail Filter considers the message to be both spam and phishing but you don't agree, open the Junk E-mail folder, right-click the message, and then click Add Sender to Safe Senders List on the shortcut menu. The message is moved to your Inbox. Disabled links remain disabled, but the original message format is restored.

 Important   After you add the sender or domain to your Safe Senders List, any future messages from that sender or domain will be evaluated by the filter but will not be moved to the Junk E-mail folder. It is not a good idea to include well-known banks, credit card companies, or e-commerce senders or domains in your Safe Senders List, because these senders' addresses are the ones most commonly spoofed by phishers.

Top of Page Top of Page

Turn on disabled links and functionality in a message

If you want to enable the links in a message, do the following:

  1. Click the InfoBar at the top of the message on the text that says Click on the InfoBar to enable functionality (not recommended).
  2. Click Enable links and other functionality (not recommended). All the disabled links in the message are enabled.

InfoBar

Callout 1 Click the InfoBar to open the InfoBar menu.
Callout 2 Click to enable links and other functionality.

Top of Page Top of Page

Stop disabling links and functionality in all messages

  1. On the Tools menu, click Options.
  2. On the Preferences tab, under E-mail, click Junk E-mail.
  3. Clear the Disable links and other functionality in phishing messages (recommended) check box.

 Note   If you decide to select this check box later, Outlook will disable all the links in messages that were evaluated as suspicious by the Junk E-mail Filter, and you will receive warnings about suspicious links.

Top of Page Top of Page

Stop warning me about potentially spoofed e-mail addresses in all messages

  1. On the Tools menu, click Options.
  2. On the Preferences tab, under E-mail, click Junk E-mail.
  3. Clear the Warn me about suspicious domain names in e-mail addresses (recommended) check box.

Top of Page Top of Page

 
 
Applies to:
Outlook 2007