Problem solve Get help with specific problems with your technologies, process and projects.

Protect Exchange Server and Outlook email from phishing scams

Learn why email phishing scams continue to rise and three steps you can take to mitigate the risk to your Exchange Server and Microsoft Outlook email.

Phishing is all the rage these days. And I don't mean the kind where you're relaxing on a boat with a worm dangling from a hook waiting for a large-mouth bass to happen by.

On the Internet, phishing (also known as carding or brand spoofing) is a scam used by an attacker who sits at a remote computer dangling a malicious Web site on spam email waiting for a naive Internet user to happen by.

MessageLabs recorded a 1,000% increase in the number of phishing attacks they intercepted between June and July of 2004 and that number continued to grow, ending the year 50 times higher than the same period in 2003. Suffice it to say, phishing is a critical problem, particularly for users gullible enough to take the bait.

What can you do to protect Windows from being victimized by phishing scams? You've already had many experts tell you continually patch systems and get rid of Internet Explorer -- a Web browser with more exploitable vulnerabilities than its competition -- so here are a few other quick tips that may come in handy.

Block spam effectively in Outlook
Filtering and blocking spam is probably the single biggest step you can take in guarding Windows against phishing attacks. Spam is the delivery mechanism that gets the bait to your computer. If an attacker can't get his phishing message to your inbox, there is no chance your systems will be victimized. The latest version of Microsoft Outlook and many other email client applications now have fairly good junk mail filters to keep the majority of spam out of your inbox. In Outlook, you can set the Junkmail options by navigating to Actions/Junk E-mail/Junk E-Mail Options.

Guard your hosts file with an IPS
The hosts file in Windows maps network destinations or Web sites to IP addresses, and can be used to override DNS. Some phishing attacks actually rewrite the hosts file, so the next time users try to visit certain Web sites they are unwittingly visiting the malicious replica site. You should use an intrusion prevention system (IPS) or other security software to guard your hosts file, and periodically check the hosts file to look for any suspicious entries. You can open it in Notepad.

Strip out code in email messages
Phishing scams rely almost exclusively on the ability to include and execute active-scripting code within an email message. You can turn off this ability. To do so, go to Tools/Options/Security and then select Zone Settings. When the warning box pops up, click "ok" and select Custom Level to disable specific types of code from executing. You can also set Outlook to display all incoming email as plain text only, which will prevent scripting code from being executed. Simply click Tools/Options/E-Mail Options and select the checkbox next to "Read all standard mail in plaint text".

About the author
Tony Bradley is a consultant and writer with a focus on network security, antivirus and incident response. He is the Guide for Internet/Network Security, providing a broad range of security tips, advice, reviews and information. Tony also contributes frequently to other industry publications. For a complete list of his freelance contributions you can visit Essential Computer Security.

Dig Deeper on Exchange Server setup and troubleshooting