plex 2 Posted March 31, 2017 Share Posted March 31, 2017 We recently had a problem with a successful phishing scam and it got me thinking. We have a system where users can report suspect emails to our security team for evaluation. They have it setup so it can automatically add a phishing URL to our web filtering via our SIEM. It helps us reduce (and also indirectly educate) users exposure to phishing scams. It is good that users on the company network have the phishing page blocked, but what about our remote/traveling users? It would be great if ESET could block those URLs for our remote users too. Unfortunately, the number of URLs makes it unreasonable to have someone use ESET's phishing report page to report them each time. So, is there an API we can use to automate reporting of phishing/malicious URLs? If not, would it be something ESET would consider providing one day? Is there a 3rd party that does have this capability that we can report to that is also used by ESET to gather phishing/malicous URLs? If not reported directly to ESET, could an API be added to the ERA system so we can automate the URLs to a list that is updated to our clients? Or both, to ESET and as well as our own internal list applied to clients? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,259 Posted April 2, 2017 Administrators Share Posted April 2, 2017 Even if that would be possible, we couldn't afford blocking an address without verification. If you manage to report a phishing url to Google for instance, there's a good chance ESET will block it soon too. For instance PhishTank provides an API but it seems it's only for retrieving data from their servers, e.g. if you want to find out if a particular url is phishing. Link to comment Share on other sites More sharing options...
plex 2 Posted April 4, 2017 Author Share Posted April 4, 2017 That's understandable. What about a web service that could be used to auto-populate the Web Access Protection address lists? Link to comment Share on other sites More sharing options...
Recommended Posts