[KB3100] How Anti-Phishing works in your ESET product

Issue

• What is phishing?
• You receive the notification "Warning: Potential phishing threat" when attempting to visit a specific website or domain
• Check your Anti-Phishing protection status
• Report a phishing site
• Enable or disable Anti-Phishing protection
• Add websites to the Address list

Details

Solution

The following products provide anti-phishing protection that enables you to block web pages known to distribute phishing content:

• ESET Security Ultimate
• ESET Smart Security Premium
• ESET Internet Security
• ESET NOD32 Antivirus
• ESET Small Business Security

We strongly recommend leaving anti-phishing enabled (anti-phishing is enabled by default).

Potential phishing attempt warning

When you access a phishing website, you will receive the following notification in your web browser. You can access the website without receiving a warning message by clicking Ignore threat. It is not recommended to proceed to a website identified as a potential phishing website.

Check your Anti-Phishing protection status

To check your Anti-Phishing protection status, follow the steps below:

1. Open the main program window of your ESET Windows product.

2. Depending on your ESET product:

   • ESET Windows home or small office products: Click Setup → Internet protection.
   • ESET Windows business products: Click Setup → Web and email.
     
     

   

3. If Anti-Phishing protection is enabled, the toggle in the Anti-Phishing protection section is green and the Enabled status is displayed.

   If Anti-Phishing protection is not enabled, the toggle in the Anti-Phishing protection section is red and the Disabled permanently or Paused status is displayed. See how to re-enable Anti-Phishing protection.

   

Anti-Phishing test

Test your anti-phishing functionality. 

Anti-Phishing activity

Report a phishing website to ESET

You can report phishing or malicious websites to ESET for analysis, or report safe websites to ESET for removal from the ESET Blacklist:

Report a phishing site to ESET

If your ESET product does not detect a website you know or suspect is a phishing website, you can report it via the Report a phishing page website. The submitted content may be added to the ESET Blacklist if analysis shows malicious content is distributed from the link you reported.

To report a phishing site directly from your ESET Windows product, follow the steps below:

1. Open the main program window of your ESET Windows product.

2. Depending on your ESET product:

   • ESET Windows home or small office products: Click Setup → Internet protection.
   • ESET Windows business products: Click Setup → Web and email.
     
     

   

3. In the Anti-Phishing protection section, click Report a phishing site. You will be redirected to the Report a phishing page website.

   

Report a false positive phishing site to ESET

If a website you know to be safe is detected as a threat, you can report it via Report a false positive website. ESET security professionals will re-visit the content reported as a false positive and remove it from the ESET Blacklist if it is safe.

Report a phishing website or false positive by email 

Send reports of phishing websites to ESET Research Lab. Remember to use a descriptive subject and enclose as much information about the website as possible (for example, the website that referred you there, how you heard about it, etc.).

Enable or disable Anti-Phishing protection

To re-enable paused or disabled Anti-Phishing protection, follow the steps below:

1. Open the main program window of your ESET Windows product.

2. Depending on your ESET product:

   • ESET Windows home or small office products: Click Setup → Internet protection.
   • ESET Windows business products: Click Setup → Web and email.
     
     

   

3.  Click the toggle next to Anti-phishing protection.

   

Enable Anti-Phishing protection from the main program window

You can enable Anti-Phishing protection also from the main program window:

1. Open the main program window of your ESET Windows product.

2. Click Enable Anti-Phishing protection.

   

Add websites to the Address list

The Whitelist is a list of websites that would normally be blocked by ESET but are accessible because you allowed them. Potential phishing websites that have been whitelisted will expire from the whitelist after several hours by default.

1. Open the main program window of your ESET Windows product.

2. Press the F5 key to open Advanced setup.

3. Click Protections → Web access protection, expand URL list management and click Edit.

   

4. Select List of addresses excluded from content scan and click Edit.

   

5. In the Edit list window, click Add. In the Add mask window type or copy/paste the URL address. Click OK → OK.

   How to format the URL address

   If the complete name of a remote server is unknown, or if you want to specify a whole group of remote servers, you can use a mask. The mask (the URL address you want to add) can include wildcards and other options such as the following:
   
   * – The asterisk wildcard will match the entire domain.
   ? – The question mark will match an address with the last but one character that you indicate (for example, x? would be an address with x as the last but one character).
   http:// or https:// – The protocol prefix is optional because both will be used if not included.
   
   For more detailed information and examples, see the Add mask Online Help topic.

   

6. Click OK in each open window to save your changes and exit Advanced setup.

You will no longer receive threat notifications from your ESET product when this URL is accessed.