Forum Discussion

MissyQ's avatar
MissyQ
Bronze Contributor
Aug 19, 2020

Announcing a new way to paste URLs, Link format!

Recently, we wanted to dig into how users feel about copying and pasting a URL from their browser. We looked to understand what they do when they copy and paste URLs, as well as the pain points they ...
lforbes's avatar
lforbes
Iron Contributor
Dec 09, 2020

MissyQ As a computer systems specialist supporting hospitals this is a very frustrating and dangerous new "feature" to set as "Default" because it opens people up to scam and Phishing and all sorts of other online dangers. For 20 years I have spent telling my 80,000 users that we support "NEVER" click a link that doesn't show you where it goes because anyone can make fake "link name". It is the main way that Email scammers get you to click on "Netflix" and then redirect you to a scam site.

 

It has ruined Teams and drives us all bonkers. Now you cannot copy and paste into Teams from say Group Policy because it copies the tags and NOT the text.

Please provide a GROUP POLICY for this setting so I can enforce it to plain text across our 8 health authorities to prevent users from using this.

JaredB81's avatar
JaredB81
Iron Contributor
Dec 09, 2020

lforbes thank you for your feedback.

 

First, let me address your request.  There is already a group policy for this. It has been in place since prior to Link format reaching the Stable channel. 

The policy is called ConfigureFriendlyURLFormat and the details can be found on this page Microsoft Edge Browser Policy Documentation | Microsoft Docs

 

I hope that helps.

 

Thank you also for your feedback about the Link format and potential phishing scams.  You are correct that obfuscated URLs are used by attackers in phishing scams. Mitigating that risk is important.  Microsoft SmartScreen is a service that Microsoft Edge uses to help mitigate that risk, as just one example of the tools to mitigate such risks. 

 

That said, I hear your concern and when users share URLs with others, those recipients may not be using Microsoft Edge and therefore may not have the mitigations to help protect them.  That is one of the reasons we provide the ability to paste as plain text, as well as the ability for users to change the default copy & paste type and for IT Admins to set the default paste type.

 

Our work isn't done however and we will continue to assess the risks here and see what else we can do to mitigate them.

 

Thank you again for your feedback!

Resources