|
Phishing Protection prevents Webinator from being used as a tool
in a phishing attack.
Webinator has a redirect page as part of its Query Logging
functionality, where it will provide a redirect to the URL specified.
It would be possible for an attacker to specify a URL that, at first
glance, looks like a link from Webinator, which the user may
trust. After the redirect, it actually ends up somewhere else.
If Phishing Protection is enabled, the redirect page will make sure
that any URL specified is actually in the profile's walk database
before issuing the redirect to it.
Copyright © Thunderstone Software Last updated: Thu Mar 11 16:13:32 EST 2010
|