Anti-Phishing protection

ESET Mail Security also provides protection against phishing. Anti-Phishing protection is part of Web and email module. If you have installed ESET Mail Security using Complete installation type, Web and email is installed by default with Anti-Phishing protection enabled. However, this does not apply to systems running Microsoft Windows Server 2008 and Windows Server 2008 R2.

note_icon_note NOTE

Web and email component is not part of Complete ESET Mail Security installation type on Windows Server 2008 or Windows Server 2008 R2 system. If required, you can modify existing installation adding Web and email component in order to be able to use Anti-Phishing protection.

The term phishing defines a criminal activity that uses social engineering (the manipulation of users in order to obtain confidential information). Phishing is often used to gain access to sensitive data such as bank account numbers, PIN numbers and more. Read more about this activity in the glossary. ESET Mail Security includes anti-phishing protection, which blocks web pages known to distribute this type of content.

We strongly recommend that you enable Anti-Phishing in ESET Mail Security. To do so, open Advanced setup (F5) and navigate to Web and email > Anti-Phishing protection.

Visit our Knowledgebase article for more information on Anti-Phishing protection in ESET Mail Security.

Accessing a phishing website

When you access a recognized phishing website, the following dialog will be displayed in your web browser. If you still want to access the website, click Proceed to the site (not recommended).


note_icon_note NOTE

Potential phishing websites that have been whitelisted will expire after several hours by default. To allow a website permanently, use the URL address management tool. From Advanced setup (F5) expand Web and email > Web access protection > URL address management > Address list, click Edit and then add the website that you want to edit to the list.

Phishing site reporting

The Report link enables you to report a phishing/malicious website to ESET for analysis.

note_icon_note NOTE

Before submitting a website to ESET, make sure it meets one or more of the following criteria:

the website is not detected at all

the website is incorrectly detected as a threat. In this case, you can Report a false-positive phishing site.

Alternatively, you can submit the website by email. Send your email to Remember to use a descriptive subject and enclose as much information about the website as possible (for example, the website that referred you there, how you learned of this website, etc.).