If a user begins typing their username or password in any app or a page in any Chromium-based browser known for phishing attacks, Windows 11’s new Microsoft Defender SmartScreen will warn them. If the feature detects a user has entered their credentials in an unsafe place, it encourages them to change their password. SmartScreen will try to understand users’ password entry context by reading process connections, URLs, and certificate information at the OS level. The feature works to protect local passwords, Microsoft accounts, Active Directories, and Azure Active Directories. It also constantly learns about new phishing scams from the rest of Microsoft’s security stack. Additionally, phishing protection uses warning notifications to discourage users from reusing passwords. Furthermore, it can detect when users record their passwords in Notepad, Wordpad, Office, or Microsoft 356 documents, warning them against the practice.
Individual users can find the toggle for phishing protection in Windows Security > App & Browser Control > Reputation-based Protection > Phishing Protection. SmartScreen informs administrators of phishing incidents on their networks through Microsoft Endpoint. To activate phishing protection through Endpoint, head to the Endpoint Manager admin center > Devices > Policy > Configuration Profiles. Then, create a new profile with the platform set to “Windows 10 and later” and the profile type set to “Settings catalog.” Users should find the phishing protection settings under Configuration Settings > Add Settings > Smart Screen > Enhanced Phishing Protection. Afterward, admins can toggle settings to notify them of password reuse, unsafe apps, or malicious activity. Admins can also use phishing protection through Microsoft Intune, Group Policy Objects, or Configuration Service Providers with a mobile device management service. Microsoft’s document center contains detailed instructions for configuring phishing protection in all three. Another security feature Windows 11 22H2 adds is Smart App Control. Windows Defender Application Control predicts whether apps are safe, while Smart App Control uses an AI model to prevent unsafe apps from opening.