Zero Phishing Settings

Define setting for phishing prevention and password reuse prevention.

• Phishing Prevention - Checks different characteristics of a website to make sure that a site does not pretend to be a different site and use personal information maliciously.
• Password Reuse Prevention - Alerts users not to use their corporate password in non-corporate domains.

Phishing Prevention

• Phishing Protection- Select an option:
  • Prevent Access and Log (default) - If SandBlast Agent determines that the site is phishing, users cannot access the site. A log is created for each malicious site.
  • Off - Phishing prevention is disabled.
  • Log Only - When a user uses a malicious site, a log is created.
  • Prevent Access Only - Users cannot access malicious sites. No logs are created.
• Send log on each scanned site - Send logs for each site that users visit, if it is malicious or not.
• Allow user to dismiss the phishing alert and continue to access the site - Users can choose to use a site that was found to be malicious.
• Allow user to abort phishing scans - Users can stop the phishing scan before it is completed.

Password Reuse

• Password Reuse Protection - Select an option:
  • Alert User and Log (default) - If a user enters a corporate passwords in a non-corporate site, the user gets an alert and a log is created.
  • Off - Password Reuse Prevention is disabled.
  • Log Only - If a user enters a corporate passwords in a non-corporate site, a log is created.
  • Alert User Only - If a user enters a corporate passwords in a non-corporate site, the user gets an alert.
• Protected Domains - Add domains for which Password Reuse Protection is enforced. SandBlast Agent keeps a cryptographic secure hash of the passwords used in these domains and compares them to passwords entered outside of the protected domains.