Scanning URLs against databases of phishing and malicious web addresses
Scanning links to see if they are included in the list of phishing web addresses allows avoiding phishing attacks. A phishing attack can be disguised, for example, as an email message supposedly from your bank with a link to the official website of the bank. By clicking the link, you go to an exact copy of the bank's website and can even see its real web address in the browser, even though you are on a counterfeit site. From this point forward, all of your actions on the site are tracked and can be used to steal your money.
Because links to phishing websites may be received not only in an email message but also from other sources such as ICQ messages, the Web Threat Protection component monitors attempts to access a phishing website at the web traffic scan level and blocks access to such websites. Lists of phishing URLs are included with the Kaspersky Endpoint Security distribution kit.
To configure the Web Threat Protection component to check links against the databases of phishing and malicious web addresses:
- In the main application window, click the button
. - In the application settings window, select Essential Threat Protection → Web Threat Protection.
- Click the Advanced Settings button.
- Do the following:
- If you want the Web Threat Protection component to check links against the databases of malicious web addresses, in the Scan methods section, select the Check the web address against the database of malicious web addresses check box. Scanning the links to determine whether they are included in the database of malicious web addresses allows you to track websites that have been added to denylist. The database of malicious web addresses is maintained by Kaspersky, included in the application installation package, and updated during Kaspersky Endpoint Security database updates.
Kaspersky Endpoint scans all links to determine if they are listed in databases of malicious web addresses. The application's secure connection scan settings do not affect the link scanning functionality. In other words, if encrypted connections scan is disabled, Kaspersky Endpoint Security checks links against databases of malicious web addresses even if network traffic is transmitted over an encrypted connection.
- If you want the Web Threat Protection component to check links against the databases of phishing web addresses, select the Check the web address against the database of phishing web addresses check box in the Anti-Phishing block. The database of phishing web addresses includes the web addresses of currently known websites that are used to launch phishing attacks. Kaspersky supplements this database of phishing links with addresses obtained from the international organization known as the Anti-Phishing Working Group. The database of phishing addresses is included in the application installation package and supplemented with Kaspersky Endpoint Security database updates.
You can also check links against the reputation databases of Kaspersky Security Network.
- If you want the Web Threat Protection component to check links against the databases of malicious web addresses, in the Scan methods section, select the Check the web address against the database of malicious web addresses check box. Scanning the links to determine whether they are included in the database of malicious web addresses allows you to track websites that have been added to denylist. The database of malicious web addresses is maintained by Kaspersky, included in the application installation package, and updated during Kaspersky Endpoint Security database updates.
- Save your changes.