Anti-Phishing protection

ESET Mail Security provides protection against phishing. Anti-Phishing protection is part of the Web and email module. If you have installed ESET Mail Security using Complete installation type, Web and email is installed by default with Anti-Phishing protection enabled. However, this does not apply to systems running Microsoft Windows Server 2008.

note_icon_note NOTE

The Web and email component is not part of the Complete ESET Mail Security installation type on Windows Server 2008 or Windows Server 2008 R2 system. If required, modify existing installation by adding the Web and email component and enabling Anti-Phishing protection.

The term phishing defines a criminal activity that uses social engineering (the manipulation of users in order to obtain confidential information). Phishing is often used to gain access to sensitive data such as bank account numbers, PIN numbers and more. Read more about this activity in the glossary. ESET Mail Security includes anti-phishing protection, which blocks web pages known to distribute this type of content.

We strongly recommend that you enable Anti-Phishing in ESET Mail Security. To do so, open Advanced setup (F5) and navigate to Web and email > Anti-Phishing protection.

Visit our Knowledgebase article for more information on Anti-Phishing protection in ESET Mail Security.

Accessing a phishing website

When you access a recognized phishing website, the following dialog will be displayed in your web browser. If you still want to access the website, click Proceed to the site (not recommended).

web_phishing

note_icon_note NOTE

Potential phishing websites that have been whitelisted will expire after several hours by default. To allow a website permanently, use the URL address management tool. From Advanced setup (F5) expand Web and email > Web access protection > URL address management > Address list, click Edit and then add the website that you want to edit to the list.

Phishing site reporting

The Report link enables you to report a phishing/malicious website to ESET for analysis.

note_icon_note NOTE

Before submitting a website to ESET, make sure it meets one or more of the following criteria:

the website is not detected at all

the website is incorrectly detected as a threat. In this case, you can Report a false-positive phishing site.

Alternatively, you can submit the website by email. Send your email to samples@eset.com. Remember to use a descriptive subject and enclose as much information about the website as possible (for example, the website that referred you there, how you learned of this website, etc.).