Internet Explorer: Managing Phishing Filter Prompts

By default, IE warns you if the website you are visiting might be impersonating another website. This mechanism by IE is termed as Phishing Filters.

image

for various reasons the systems engineers/administrators require to disable this prompt for the end users essentially when they are deploying some automated web based system which they know can cause IE to prompt with it’s Phishing Filters.

 

IE Phishing Filter Registry: IE Phishing Filter is controlled by below registry key:

[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftInternet ExplorerPhishingFilter]
"Enabled"=dword:00000001
"ShownVerifyBalloon"=dword:00000003

[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerPhishingFilter]
"Enabled"=dword:00000001
"ShownVerifyBalloon"=dword:00000003

Below is the behavioral analysis of how IE Phishing Filter Feature works and can be managed:

  1. For the First time users, IE creates HKCU entry with appropriate ShownVerifyBalloon value.  A value of ‘3’ indicates disable.
  2. To control the same feature at system level, just create respective entries in HKLM.
    When you select ‘Turn on automatic Phishing Filter (recommended)

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerPhishingFilter]
"Enabled"=dword:00000002
"ShownServiceDownBalloon"=dword:00000001

When you select ‘Turn off automatic Phishing Filter

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerPhishingFilter]
"Enabled"=dword:00000001
"ShownVerifyBalloon"=dword:00000003

When you select ‘Ask me later

Windows Registry Editor Version 5.00

<

p>[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerPhishingFilter]
"ShownVerifyBalloon"=dword:00000001

Leave a Reply

Your email address will not be published. Required fields are marked *