Zero Phishing Settings

Define setting for phishing prevention and password reuse prevention.

• Phishing Prevention - Checks different characteristics of a website to make sure that a site does not pretend to be a different site and use personal information maliciously.

• Password Reuse Prevention - Alerts users not to use their corporate password in non-corporate domains.

Phishing Prevention

• Phishing Protection - Select an option:

  • Prevent Access and Log (default) - If SandBlast Agent determines that the site is phishing, users cannot access the site. A log is created for each malicious site.

  • Off - Phishing prevention is disabled.

  • Log Only - When a user uses a malicious site, a log is created.

  • Prevent Access Only - Users cannot access malicious sites. No logs are created.

• Send log on each scanned site - Send logs for each site that users visit, if it is malicious or not.

• Allow user to dismiss the phishing alert and continue to access the site - Users can choose to use a site that was found to be malicious.

• Allow user to abort phishing scans - Users can stop the phishing scan before it is completed.

Password Reuse

• Password Reuse Protection - Select an option:

  • Alert User and Log (default) - If a user enters a corporate passwords in a non-corporate site, the user gets an alert and a log is created.

  • Off - Password Reuse Prevention is disabled.

  • Log Only - If a user enters a corporate passwords in a non-corporate site, a log is created.

  • Alert User Only - If a user enters a corporate passwords in a non-corporate site, the user gets an alert.

• Protected Domains - Add domains for which Password Reuse Protection is enforced. SandBlast Agent keeps a cryptographic secure hash of the passwords used in these domains and compares them to passwords entered outside of the protected domains.