How to configure Email Security for Phishing mail?
The following depicts a sample configuration of Email security for Phishing mail.
Phishing is a type of online scam where criminals send an email with a fake website and asking you to provide sensitive information.
An example of phishing attack:
1. Attacker creates an fake banking websites which copy the content from real banking website
2. Attacker sends user an phishing emails with an embed URLs to ask change the new banking password
3. User opens the mail then click to the embed URLs, it redirects user access to fake banking websites.
4. User enters the current banking account when they attempt change the password
5. Attacker gets the user’s banking account and can steal user’s money
How it works
Gateway inspects the email content to detect the embedded URLs. With Anti-phishing enhancement, ATP gateway inspects the mail content to detect the embedded URLs.
Set up Phishing on ATP
1. In the ATP, go to Configuration > Security Service > Email Security to enable Check Mail Phishing that allows gateway inspects the embed URLs in the email
Test the Result
1 Go to Monitor > Security Statistics > Email Security to observe mail phishing logs
Monitor > Security Statistics > Email Security
2 Go to Monitor > Security Statistics > Email Security to collect Email security statistics
What Can Go Wrong?
1 Make sure the Anti-Spam default service port is SMTP or POP3 by CLI
Router# show utm-manager anti-spam defaultport
2 It does not support SSL inspection.
3 The ATP can inspect email up to 50KB. If the mail size greater than 50KB, gateway will inspect the first 50KB from the header.
Categories
- All Categories
- 347 Beta Program
- 2.1K Nebula
- 114 Nebula Ideas
- 77 Nebula Status and Incidents
- 5K Security
- 44 USG FLEX H Series
- 246 Security Ideas
- 1.2K Switch
- 65 Switch Ideas
- 901 WirelessLAN
- 33 WLAN Ideas
- 5.8K Consumer Product
- 204 Service & License
- 326 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 1.8K FAQ
- 831 Nebula FAQ
- 401 Security FAQ
- 219 Switch FAQ
- 190 WirelessLAN FAQ
- 45 Consumer Product FAQ
- 136 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 71 About Community
- 61 Security Highlight