Credential Protection
This protection includes two components:
Zero Phishing
Phishing prevention checks different characteristics of a website to make sure that a site does not pretend to be a different site and use personal information maliciously.
There are three configuration options for this protection:
-
Prevent - If the site is determined to be a phishing site, users cannot access the site. A log is created for each malicious site.
-
Detect - When a user uses a malicious site, a log is created.
-
Off - Phishing prevention is disabled.
For further configuration of the Zero Phishing protection, go to Advanced Settings > Credential Protection:
-
Allow user to dismiss the phishing alert and access the website - Users can select to use a site that was found to be malicious.
-
Send log on each scanned site - Send logs for each site that users visit, whether malicious or not.
-
Allow user to abort phishing scans - Users can stop the phishing scan before it is completed.
-
Scan local HTML files - By default, the extension in Chromium-based browsers (Chrome, Microsoft Edge, and Brave) cannot access the local HTML files opened by the browser to scan them for phishing attacks. This setting prompts users to grant permission to Chromium-based browsers to access and scan local HTML files on your PC.
Notes:
-
This feature is not supported with Safari and Internet Explorer browser extensions.
To grant permission to access and scan the local HTML files:
-
When a user opens a local HTML file, the Browser Security request access to file URLs prompt appears. Click Click to copy.
-
Paste the copied path in the address bar of the Chrome browser and press Enter.
-
Scroll down and turn on Allow access to file URLs.
-
If the HTML file has an input field, Browser Security scans the file and blocks it, if identified as phishing.
-