cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
456
Views
0
Helpful
1
Replies

How to mitigate HTML smuggling phishing attacks

Translator
Community Manager
Community Manager
1 Reply 1

UdupiKrishna
Cisco Employee
Cisco Employee

Such campaigns can be inspected/detected with a combination of different features that ESA supports.

E.g. antispam, AV, AMP can inspect the contents of the email/attachment to determine malicious patterns. URL filtering can run reputation and category checks of the URL(s), links within the email. Outbreak filters can determine if there's any ongoing malicious campaign matching similar patterns detected by Cisco/TALOS. 

 

In retrospect, all these features should be configured to work together to determine sophisticated attacks 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: