Anti-Phishing
Blocks emails that contain links in the message body pointing to known phishing sites or if they contain typical phishing keywords. Phishing is an email based social engineering technique aimed at having email users disclose personal details to spammers. A phishing email is most likely crafted to resemble an official email originating from a reputable business, for example a bank. Phishing emails will usually contain instructions requiring users to reconfirm sensitive information such as online banking details or credit card information. Phishing emails usually include a phishing Uniform Resource Identifier (URI) that the user is supposed to follow to key in some sensitive information on a phishing site. The site pointed to by the phishing URI might be a replica of an official site, but in reality it is controlled by whoever sent the phishing emails. When the user enters the sensitive information on the phishing site, the data is collected and used, for example, to withdraw money from bank accounts.
The Anti-Phishing filter detects phishing emails by comparing URIs present in the email to a database of URIs known to be used in phishing attacks. Phishing also looks for typical phishing keywords in the URIs.
The Anti-Phishing filter is enabled by default on installation.
Configuring Anti-Phishing
NOTE
Disabling Anti-Phishing is NOT recommended.
- Go to Anti-Spam > Anti-Spam Filters > Anti-Phishing.
- From the General tab, select/unselect Check mail messages for URIs to known phishing sites option to enable/disable Anti-Phishing.
Anti-Phishing options
- From the Keywords tab select any of the following options:
| Option |
Description |
|---|---|
| Check URI's in mail messages for typical phishing keywords | Enable/disable checks for typical phishing keywords |
| Add |
Add keywords that trigger the Anti-Phishing filter. Key in a keyword and click Add to add a keyword to the Anti-Phishing filter |
| Update |
Select a keyword from the Current Keywords list, make any changes to keyword in Edit Keywords field and click Update. |
| Remove |
Removes selected keywords from list. Select a keyword from the Current Keywords list, and click Remove. |
| Export | Exports current list to an XML format file. |
| Browse... |
Enables importing of a previously exported keyword list. Click Browse, select a previously exported keyword file and click Import. |
- From the Updates tab, select any of the following options:
| Option | Description |
|---|---|
| Automatically check for updates |
Configure GFI MailEssentials to automatically check for and download any Anti-Phishing updates. Specify the time interval in minutes when to check for updates. NOTE It is recommended to enable this option for Anti-Phishing to be more effective in detecting the latest phishing trends. |
| Enable email notifications upon successful updates | Select/unselect checkbox to be informed via email when new updates are downloaded. |
| Enable email notifications upon failed updates | Select/unselect to be informed when a download or installation fails. |
| Download updates now... | Click to immediately download Anti-Phishing updates. |
NOTE
You can download updates using a proxy server. For more information refer to Proxy settings.
- Click Actions tab to select the actions to perform on messages identified as spam. For more information refer to Spam Actions - What to do with spam emails.
- Click Apply.