Phish.jpg

The ThreatSTOP Security Team has introduced a new list of Phishing protection in order to help our customers to protect themselves from Phishing and at the same time to maintain a separation between targets with different false positive chance.

Phishing is a technique used to gain private information for purposes of theft. Phishing threats can be in a form of fraudulent e-mail messages that appear to come from legitimate sources, often even from within the organization, often even appearing to be from management. Other Phishing threats include phishing web pages, appearing to be identical to the original sites login page, often being financial organizations like banks, or social media sites.  These sites will even send you to the original site after stealing your login information for the threat actor’s usage.

Phishing is usually hosted on cheap hosting services and many times located on multi host servers that host thousands of legitimate sites or as pages on hacked websites. Due to this fact, blocking IPs and Domains for this might cause a False Positive when triggered. The ThreatSTOP security research team works to protect our customers and to minimize the False Positive chances when adding data to our manually curated targets. Today we are introducing two new target lists to our system, which are available in Expert mode and will protect you from Phishing threats:

  • TSPhishing IPs
  • TSPhishing Domains (For ThreatSTOP DNS Firewall customers only) 

These Phishing targets are manually curated by our security research team using manually validated data, but still might contain an elevated chance for False Positives as the nature of such data.

We chose to separate these threats from our TSCritical targets so that only the users who are sure that they are willing to take the False Positive chance in blocking Phishing will do so.

We have also updated several of our synthetic target lists to accommodate this additional information and to make it easier for our customers to consume the data, these targets are available in standard mode:

  • Phishing Domains
  • Phishing IPs

We highly recommend customers update their policies to include these targets for immediate increased protection from the growing number of Phishing threats if you are willing to carry the False Positive risk included in these targets.

Not a ThreatSTOP DNS Firewall customer? Contact us at 1-855-958-7867 or success@threatstop.com