Product manual
GFI MailEssentials 7 Anti-Spam | 105
NOTE
You can download updates using a proxy server. For more information, refer to Proxy
settings (page 221).
4. Click Actions tab to select the actions to perform on messages identified as spam. For more
information, refer to Spam Actions - What to do with spam emails (page 135).
5. Click Apply.
7.1.2 Anti-Phishing
Blocks emails that contain links in the message body pointing to known phishing sites or if they contain
typical phishing keywords. Phishing is an email based social engineering technique aimed at having
email users disclose personal details to spammers. A phishing email is most likely crafted to resemble
an official email originating from a reputable business, for example a bank. Phishing emails will
usually contain instructions requiring users to reconfirm sensitive information such as online banking
details or credit card information. Phishing emails usually include a phishing Uniform Resource
Identifier (URI) that the user is supposed to follow to key in some sensitive information on a phishing
site. The site pointed to by the phishing URI might be a replica of an official site, but in reality it is
controlled by whoever sent the phishing emails. When the user enters the sensitive information on
the phishing site, the data is collected and used, for example, to withdraw money from bank
accounts.
The Anti-Phishing filter detects phishing emails by comparing URIs present in the email to a database
of URIs known to be used in phishing attacks. Phishing also looks for typical phishing keywords in the
URIs.
The Anti-Phishing filter is enabled by default on installation.
Configuring Anti-Phishing
NOTE
Disabling Anti-Phishing is NOT recommended.
1. Go to Anti-Spam > Anti-Spam Filters > Anti-Phishing.