Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
rami78
New Contributor

Phishing

We have been getting a ton of phishing emails lately. They pass through the fortimail without issue, and they contain links (either direct in body or in pdf) to sites that try to harvest email and password.

The websites they are linking to are usually hijacked and therefore usually categoriezed by fortigate as safe (business etc).

 

Is there a way to prevent users from being able to submit their email in forms? I have tried messing around with dlp without success.

2 REPLIES 2
packetpusher
Contributor

You may want to submit your question into the FortiMail forum. ref. [link]https://forum.fortinet.com/tt.aspx?forumid=31[/link]

georgemacin

Phishers do so by sending e-mails that are designed to collect an individual's sensitive information. To make phishing messages look like they are genuinely from a well-known company, they include company logos and other identifying information taken directly from real company's website. The victim receives an e-mail that appears to have been sent by a known contact or organization. The fake email conveniently includes a link you can click on to resolve the problem which you're told you need to do. These e-mails are clever fake and the information you provide goes straight to the crooks behind the scam. Because these e-mails look like from legitimate companies and victim trust them and enter their personal information.

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors