Internet Explorer 7"s best new security feature is its anti-phishing filter. If enabled, it works like this: Whenever a user visits a new Web page, the link is sent to a Microsoft server, which checks if the link was previously reported and verified as a known phishing site. If so, the user is given a screen indicating this. And if users get this screen, they should not continue on the Web page, but Microsoft allows the user to bypass the warning if they so desire. Let"s hope the bypass option can be disabled by group policy.

Users can report phishing sites they find to Microsoft. Microsoft requires that reporting users successfully pass one of those crummy OCR validation-graphic tests, but I guess this will prevent phishers from trying to overwhelm Microsoft with invalid reports. Even if the Web site hasn"t been reported, IE 7 will occasionally recognize phishing-like behavior and put up a cautionary warning.

In my beta testing, the new feature only worked about 10 percent of the time, but I"m sure accuracy will increase significantly once it is in general release.

I"ve always supported this type of user-reported methodology, but only as long as humans (or very intelligent software) validate the suspected sites and there is an easy way for false-positive Web sites to get removed quickly. Anti-spam blacklists sometimes drive me and my clients crazy. It might only take two minutes to find and close the open relay, but it takes days to weeks to get removed from all the blacklists.

In Other News

MessageLabs tells me that there is a new Trojan masquerading as the new Skype client. Be sure, as always, to download all software directly from the vendor or a reputable download site.