CCE

CCE-97207-5

Platform: cpe:/o:microsoft:windows_11
Date: (C)2023-11-22   (M)2023-11-22



This policy setting determines whether Enhanced Phishing Protection in Microsoft Defender SmartScreen warns users if they type their work or school password into one of the following malicious scenarios: into a reported phishing site, into a Microsoft login URL with an invalid certificate, or into an application connecting to either a reported phishing site or a Microsoft login URL with an invalid certificate.

Users will receive a pop-up notification if they try to access a website that is being blocked by Windows Defender SmartScreen. This assists users in making informed decisions about why the website is being blocked and whether to continue to it.

The recommended state for this setting is: Enabled.

Impact:
In some cases, Windows Defender SmartScreen may block legitimate websites that have been incorrectly flagged by Microsoft.

Default Value:
Disabled. (Enhanced Phishing Protection in Microsoft Defender SmartScreen will not warn users.)

Fix:
To establish the recommended configuration via GP, set the following UI path to Enabled:
(1) GPO: Computer Configuration\Policies\Administrative Templates\Windows Components\Windows Defender SmartScreen\Enhanced Phishing Protection\Notify Malicious
(2) REG: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WTDS\Components!NotifyMalicious


Parameter:

[Enabled/Disabled]


Technical Mechanism:

(1) GPO: Computer Configuration\Policies\Administrative Templates\Windows Components\Windows Defender SmartScreen\Enhanced Phishing Protection\Notify Malicious
(2) REG: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WTDS\Components!NotifyMalicious

CCSS Severity:

CCSS Score: 9.6
Exploit Score: 2.8
Impact Score: 6.0
Severity: CRITICAL
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

CCSS Metrics:

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: REQUIRED
Scope: CHANGED
Confidentiality: HIGH
Integrity: HIGH
Availability: HIGH
  

References:
Resource Id    Reference


XCCDF    1
xccdf_org.secpod_benchmark_general_Windows_11

© SecPod Technologies