Zero Phishing Exceptions

Hi,

Is it possible to configure exceptions for Zero Phishing?

This scenario exists where a customer doesn't want the Zero Phishing browser plugin to prompt for internal websites - i.e. ones behind their firewall on internal servers.

Yes, I get that this introduces the scenario where they could be redirected to an external site masquerading as an internal site but asking the question anyway...

TIA

0 Kudos
4 Replies
Admin

Re: Zero Phishing Exceptions

Do you have the relevant domain configured here?

Screen Shot 2019-04-02 at 3.23.24 PM.png

Re: Zero Phishing Exceptions

Hmmm, no, that didn’t suggest an exclusion.

So if a domain/IP address is entered in that box, the zero phishing browser plugin won’t scan it?

If so, rather than “Protected” should it not say “Excluded”?

0 Kudos
Admin

Re: Zero Phishing Exceptions

I'm not 100% sure it's an exclusion, but it makes sense you'd want to configure this option anyway.
Specifically, it's to make sure users are NOT using their corporate credentials on an external site.
When credentials are entered on an internal site, the domains of which are configured here, a hash of the password is stored.
If that password is used on an external site, then the user is alerted.
0 Kudos

Re: Zero Phishing Exceptions

Per the documentation for the Zero Phishing functionality:

Protected Domains - Add domains for which Password Reuse Protection is enforced.
SandBlast Agent keeps a cryptographic secure hash of the passwords used in these domains
and compares them to passwords entered outside of the protected domains

So, this dialog box is definitely about corporate password reuse, and is not about exclusions.

The SBA TE blade does have an exclusion configuration option... by default it is set to "Inspect all domains and files", but there is a dialog box to add exclusions there. I am not sure if these exclusions would be used by the browser extension / Zero Phishing feature though... 

I did just have a Business Dev Director approach me and say that this was a problem for him as he was demoing websites for prospective customers and the "Scanning..." thing that Zero Phishing does on web forms "...did not look good...". <sigh>

Hopefully the exclusion setting will apply to the Zero Phishing feature, or I may need to add policy to disable this for a group of users / computers.

Untitled.png

Capture3.PNG

0 Kudos
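
The password reuse mechanism described in the replies above (keep a hash of passwords entered on protected domains, alert when the same password is entered elsewhere), as an added conceptual sketch that also shows why a protected domain is not an exclusion. This is not Check Point's code and does not reflect how SandBlast Agent stores or compares hashes; the class name, the PBKDF2 parameters and the sample hostnames are assumptions.

```python
import hashlib
import hmac
import os


class ReuseGuard:
    """Hypothetical model of password reuse protection (not the product's code)."""

    def __init__(self, protected_domains, iterations=200_000):
        self.protected = {d.lower().strip(".") for d in protected_domains}
        self.salt = os.urandom(16)   # assumed per-install salt held in protected storage
        self.iterations = iterations
        self.digests = []            # only derived digests are kept, never passwords

    def is_protected(self, host):
        host = host.lower().rstrip(".")
        # Exact match or a true subdomain. A lookalike such as
        # "corp.example.login.test" must not count as protected.
        return any(host == d or host.endswith("." + d) for d in self.protected)

    def _digest(self, password):
        return hashlib.pbkdf2_hmac(
            "sha256", password.encode("utf-8"), self.salt, self.iterations
        )

    def on_submit(self, host, password):
        """Return 'learned', 'alert' or 'ok' for one credential submission."""
        digest = self._digest(password)
        known = any(hmac.compare_digest(digest, d) for d in self.digests)
        if self.is_protected(host):
            # Protected domains are still processed: this is where the
            # corporate password digest is learned, not where checks are skipped.
            if not known:
                self.digests.append(digest)
            return "learned"
        return "alert" if known else "ok"


if __name__ == "__main__":
    # Constructed sample data: hostnames and password are made up.
    guard = ReuseGuard(["corp.example"])
    for host, pw in [
        ("intranet.corp.example", "Corp-Passw0rd!"),
        ("shop.test", "something-else"),
        ("corp.example.login.test", "Corp-Passw0rd!"),
    ]:
        print(f"{host:28} -> {guard.on_submit(host, pw)}")
```
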