mfichera 2 Posted January 26, 2017 Share Posted January 26, 2017 (edited) We've notice an increase in users encountering fake/scam tech support websites. For example, user will click a link from Google or Bing and they will see a pop up from their web browser saying there's an infection and they need to call phone number. Is there anything policy/software wise I should do to better protect the users from scams like this? We run current versions of EES/EEA v6 on Mac and PC. Edited January 26, 2017 by mfichera Link to comment Share on other sites More sharing options...
Most Valued Members cyberhash 188 Posted January 27, 2017 Most Valued Members Share Posted January 27, 2017 Submitting the URL to ESET would be a good starting point, if its a fake tech support it will get added to the blocklist when its checked. You can also go into the advanced setup and add items manually to a blocklist , if you have multiple computers running that you want to use the same blocking rules with , you can create a text file and import it into each machine to save a lot of effort.. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,069 Posted January 28, 2017 Administrators Share Posted January 28, 2017 It doesn't make much sense to block it in the program; it wouldn't make protection better given that hundreds or thousands of new scam domains emerge on a daily basis and are alive only for a short time. If such scam website is not detected by a signature, email the url(s) to samples[at]eset.com. Link to comment Share on other sites More sharing options...
mfichera 2 Posted February 2, 2017 Author Share Posted February 2, 2017 On 1/27/2017 at 11:57 PM, Marcos said: It doesn't make much sense to block it in the program; it wouldn't make protection better given that hundreds or thousands of new scam domains emerge on a daily basis and are alive only for a short time. If such scam website is not detected by a signature, email the url(s) to samples[at]eset.com. I always submit them to eset when one of these sites are found. Is there anything else I should be doing to protect my users? Between my network's UTM and eset, I fee like we shouldn't be encountering scam sites. Link to comment Share on other sites More sharing options...
Recommended Posts