Microsoft phishing filter blocks legitimate Aussie sites

By on
Microsoft phishing filter blocks legitimate Aussie sites

Universities, businesses affected.

A number of legitimate websites for Australian business and educational institutions were blocked for up to five hours today by Microsoft's SmartScreen phishing and malware filter.

From around 10am Wednesday, systems administrators and website operators began complaining that their legitimate websites had been blocked and reported as unsafe by SmartScreen on Internet Explorer 11.

The websites for commercial businesses such as Supercheap Auto and Ninemsn were blocked, as were numerous educational institutions including La Trobe University, Melbourne University, the University of Wollongong, the University of the Sunshine Coast, and Endeavour College, among others.

Sysadmins were forced to implement workarounds including firewall changes at the network perimeter to allow access and assure browsers the site was secure.

The SmartScreen filter works by checking with a dynamic list whether the site an IE browser is on has been reported as a phishing or malicious site. It blocks the site if it finds a match.

The errant site blocking today is likely to be a result of an issue with the dynamic list.

One systems administrator for an affected business - who declined to be named - told iTnews the blocking had caused reputational damage to his company.

"Most users don't know how to get past [the warning notice]," he said.

"They don't know they can choose to continue to the site. If a customer goes to the site and sees that message, as far as they are concerned there is something wrong with our website, and that is not the case."

Another affected organisation - Endeavour College - criticised Microsoft for its lack of communication over the issue.

"I find it hard to believe that our websites can simply be blocked by this SmartScreen filter, without providing us with any evidence, or even contacting us to verify the legitimacy of our website," an employee wrote.

"We are an educational institution and are obviously in no way affiliated with any malware or phishing and in no way have our websites been spreading malware or phishing attacks.

"How can Microsoft simply add our site to a "blacklist" of sorts, without properly and correctly reviewing our site to confirm what has been reported?"

A Microsoft community leader noted that the accidental blacklisting of educational sites could be due to insecurely configured social media sharing buttons, and wrongly set up Domain Name System (DNS) records.

Microsoft has been contacted for comment on details behind the errant blocking. The issue appeared to have been resolved at the time of writing.

Copyright © iTnews.com.au . All rights reserved.
Tags:

Most Read Articles

Log In

Username:
Password:
|  Forgot your password?