New SmartScreen Feature Protects Windows Live Wave 4 from Social Engineering Attacks

Microsoft is expanding a very successful security feature from Internet Explorer 8 to protect users of its Cloud services and applications from social engineering attacks and account abuse. Essentially, the Redmond company announced the introduction of SmartScreen for URLs for its Windows Live Wave 4 offerings. As a rule, social engineering attacks come from people close to the victim, or those masquerading as the victim’s friends, and appear to be genuine messages.

By exploiting the trust that users have in their group of friends, attackers work to direct them to malicious websites designed to compromise their machines with malware. With the advent of Wave 4, Microsoft has expanded Windows Live’s social connectivity, delivering a high level of social feed integration. Subsequently, the company also considered necessary a new protection mechanism for URLs, to safeguard users from social engineering attacks exploiting the Live network.

“The SmartScreen team has worked with several large social networking partners over the past couple years to combat this abuse and has seen success with both our browser filter and simple features within the social network that help users regain context in the midst of a scam. These features disrupt the social engineering attempt,” noted John Scarrow, General Manager – Safety Services.

“With these successes in mind, we’re happy to announce the use of SmartScreen on the new Messenger and Windows Live websites, such as profile and photos. When you click a link on one of these sites, the web request is first examined by our SmartScreen service,” he added.

The SmartScreen service is designed to verify the reputation of a link. This is done before the user is allowed to actually navigate to a specific website. In the case in which the target site is a legitimate online destination with no history of scams or malware, the SmartScreen service will not interfere with the browsing process, and will allow users to perform Direct Navigation (Redirection).

The service is however set up to block navigation “if the link points to a known bad website— for example, one that hosts a malware or a phishing scam—the redirection server navigates the user to a red block page,” Scarrow said. At the same time, the SmartScreen filter can present an informal message to customers “if the website has very low traffic or has had a history of abuse, you’ll be taken to an informational interstitial page.”