Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
pne
New Contributor

Action to delay certain message delivery

Hi,

I am writing here because Fortimail even with Fortisanbbox cloud does not seem to be much good in detecting hyperlinks to phishing forms. Recently we receive quite a lot of e-mails with links to public clouds, especially discordapp.com, googleapis.com, sendgrid, web.app etc. There is usually a fake logon form trying to get usernames/passwords.

 

Of course we teach our users, we submit samples to Fortinet and to storage providers, but this just does not help. I even wrote an dictionary profile which quarantines messages if the contain links for well-known hosts above, Fortinet should just get better at identifying these and I hope it will soon.

 

In the meantime, I was wondering - if we had an option to deliberately delay e-mails which contain such links, it may help greatly. If we give more time to cloud providers to shutdown these URLs or simply give more time to antivirus/antispam/sandbox engines to update, we may get better results.

 

Any help or ideas appreciated.

 

Thanks,

Petr

0 REPLIES 0
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors