ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Does Endpoint Protection defend against Phishing?

book

Article ID: 162064

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

You need clarification on whether Symantec Endpoint Protection (SEP) and its email plug-ins contain an anti-phishing product component.

Resolution

SEP is not intended to be an Anti-Phishing product.  Phishing is within the domain of AntiSpam and Mail Security products. 

Important note: Truly effective anti-phishing requires users who are trained what not to click as well as a robust mail security product or web gateway. 

SEP does have a number of IPS signatures which can provide a small extra degree of protection against phishing sites and traffic, but these IPS signatures are one last layer of a "defense in depth" and should not be relied upon to alone defend against phishing. 

Phishing mails work by social engineering their recipients into clicking a link and taking harmful actions.  They are not malicious code. Please submit any missed phishing mails to your AntiSpam vendor rather than to the site for suspected missed malware.  Any phishing materials accidentally submitted to the portal "Upload a suspected infected file" will be closed off as Threat artifact (or similar).  Links in any mails (and their .pdf attachments) will not be examined.  Additional information can be found in Symantec Insider Tip: Successful Submissions!

Some useful resources: