[1] With the release of Internet Explorer 8, the Phishing Filter was renamed to SmartScreen and extended to include protection from socially engineered malware.
[4] According to Microsoft, the SmartScreen technology used by Internet Explorer 8 was successful against phishing or other malicious sites and in blocking of socially engineered malware.
Microsoft Edge was later rebuilt on Google's Chromium browser stack to go cross-platform onto macOS and down-level into Windows 8.1 and below.
SmartScreen Filter in Microsoft Outlook was previously bypassable due to a data gap in Internet Explorer.
In Microsoft Windows 8, SmartScreen added built-in operating system protections against web-delivered malware performing reputation checks by default on any file or application downloaded from the Internet, including those downloaded from email clients like Microsoft Outlook or non-Microsoft web browsers like Google Chrome.
With SmartScreen left at its default settings, administrator privilege would be required to launch and run an unsafe program.
Microsoft faced concerns surrounding the privacy, legality and effectiveness of the new system, suggesting that the automatic analysis of files (which involves sending a cryptographic hash of the file and the user's IP address to a server) could be used to build a database of users' downloads online, and that the use of the outdated SSL 2.0 protocol for communication could allow an attacker to eavesdrop on the data.
In response, Microsoft later issued a statement noting that IP addresses were only being collected as part of the normal operation of the service and would be periodically deleted, that SmartScreen on Windows 8 would only use SSL 3.0 for security reasons, and that information gathered via SmartScreen would not be used for advertising purposes or sold to third parties.
Over time, these preferences help SmartScreen Filter to distinguish between the characteristics of unwanted and legitimate e-mail and can also determine the reputation of senders by a number of emails having had this checked.
[21] In July 2010, Microsoft claimed that SmartScreen on Internet Explorer had blocked over a billion attempts to access sites containing security risks.
[22] According to Microsoft, the SmartScreen Filter included in Outlook.com blocks 4.5 billion unwanted e-mails daily from reaching users.
[26] Overtime, SmartScreen has expanded to protect against new threats like tech support scam, potentially unwanted applications (PUAs) and drive by attacks that don't require user interaction.
Manufacturers of other browsers have criticized the third-party tests which claim Internet Explorer has superior phishing and malware protection compared to that of Chrome, Firefox, or Opera.
Extended Validation (EV) certificates seem to avoid this issue, but they are expensive and difficult to obtain for small developers.
[29] SmartScreen Filter creates a problem for small software vendors when they distribute an updated version of installation or binary files over the internet.