This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
G_W_Albrecht
Legend Legend
Legend
‎2020-12-03 09:06 AM

Android with SBM as a browser

Client calls me - Samsung / SM-A405FN used for phone calls, food orders and banking - this Android phone when using Google app sometimes offered him a selection of apps to open the link with - including Chrome (good choice 😊) and SBM (?).

Could SBM be better than Chrome ? Yes, must be much safer ! So he selected SBM...💀Now, all his searches open (! no, of course ! Only Scan Link opens) in SBM... No more online pizza 😠!

Workaround: Use Chrome. But can that be ? Sounds like an Urban Legend to me... Somewhere in the App Settings for Google you should be able to reset that, but i do not have the phone.

As i am on iPhone (addicted😎) only, maybe someone else could replicate this ? Should also be rather easy to delete this link if you know how...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
8 Replies
Matt_Ricketts
Employee
Employee
‎2020-12-03 03:16 PM

Just giving you a few areas to look at. I personally have not changed my "Just Once" to "Always" for the Scan Link option within SMB that you are talking about.

If your customer goes into the Settings section on their Android and searches for "default". There is a Default browser app setting. For me, this is set to Chrome.

However I think you are asking about "Opening Links" defaults. To find this. Settings -> search for Default -> select Default Apps -> choose Default apps again (the first time was the search results) -> Opening links -> Scroll the app you want to reset. I/E Chrome -> Click the Clear defaults.

0 Kudos
G_W_Albrecht
Legend Legend
Legend
‎2020-12-04 12:51 AM

Yes, i can imagine - but why is SBM presented as an app to open URLs from Google at all ? Should be clear that SBM is no browser...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Matt_Ricketts
Employee
Employee
‎2020-12-04 08:37 AM

It is so the URL links can be scanned to make sure you are not heading to/accessing a malicious site.

But I have an idea that I will pass along to the dev team about an option to scan the link upon click and then continue to the default app if benign, only showing SBM if it is malicious.

G_W_Albrecht
Legend Legend
Legend
‎2020-12-04 09:03 AM
In response to Matt_Ricketts

I am using SBM on iPhone and never encountered such a feature. The problem is that you can not access the site as you stay in SBM. Does SBM not do a link scan while in background ?

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Thales100
Explorer
‎2020-12-10 11:06 AM
In response to Matt_Ricketts

Like Sophos Intercept X for Mobile features. 

0 Kudos
Matt_Ricketts
Employee
Employee
‎2020-12-04 09:30 AM

It could be that the link scanning feature hasn't made it to the iDevices just yet? I'm not sure as I don't own one anymore. However, there should be a Open Link button as seen in my screenshot. The links are not scanned until they are clicked, of course. This is the idea I want to run by R&D. Background scan the link, upon click, and open the native app if the link is clean, else pop up SBM.

SBMURL.png

0 Kudos
Yuval_Sered
Employee
Employee
‎2020-12-06 12:05 AM

Guys, SBM has the ONP functionality that is preventing the device from browsing to bad links (Can also prevent apps from communicating with malicious links - Anti-bot). When you click a link SBM will scan it against Threat Cloud and block it if it is malicious - by configurable policy.

A new feature was added to SBM latest version to allow it also to scan links before you click as an extra mean of protection. The scenario is relevant mainly when you are not sure if this link is safe or not. Your device is protected with the bets anti-phishing tool available so why not use it just to make sure. how this works? 

  • iOS - This works as part of the "Share" function now when you long press the link you can select the share option and select SBM to open it. after SBM scans it you can click "open link" if safe and the safari default browser will open the link.
  • Android - Here on the OS level you can set default actions for apps. Long press the SBM app or via device settings (depends which Android you have) go to "App Info" in the "open by default" settings --> Open Supported links --> Select "Ask Every time" . With this settings if you tap a link (not from browser but from any other app) it will pop up the options which app you want to launch the URL. If you select SBM it will scan the link and tell you if it is already known to be malicious. The "open link" will then launch the default browser. if you select to always "open in this app" that might (in several devices, get you into the loop you are seeing because SBM is not a browser as stated. This is a but that will be fixed in the next coming days for now just select "Ask Every time".

BTW - if you click a new link that is not known to the Threat Cloud it will tell you that it is safe. Then when you actually brows to it the Zero-Phishing mechanism (activated by policy on your dashboard) will analyze the page and block it. 

Yuval

G_W_Albrecht
Legend Legend
Legend
‎2020-12-06 10:33 AM
In response to Yuval_Sered

Thank you, i understand now !

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Upcoming Events

    Sort by:
    CheckMates Events