Error messages on the site can be controlled by the user. A message such as the following can cause a legitimate user to send his credentials to a malicious site. 

Example:

https://example.com/siteminderagent/forms/"ERROR:_-_PLEASE_CALL_1-800-xxx-xxx !!!!

How do you redirect the users to a custom page instead? 

Release : 12.8.x

you can customize the Access Gateway Error pages to send the user to a custom page

1) go under  --> /opt/CA/secure-proxy/Tomcat/properties

2) backup your SPSErrorMessages.properties

3) Modify the property file , for example for the Exception listed below due to the 403 bad characters blocked by agent, the AG will return the following 

you want to customize the message and instead of returning the Default Error page , you can specify a custom jsp page of your liking (you can host it under affwebservices since it is not protected)

for Example

Modify the property file to have the following 

WebAgentException=https://fedapp.example.com/affwebservices/error.jsp

and whenever the agent report such issue , a redirect will go to the custom page along with the Error on the URL .

here is a test from my environment where I got redirected to the custom URL 

https://fedapp.example.com/affwebservices/error.jsp?responseCode=WebAgentException&uri=%2Faffwebservices%2Ferror.jsp

and from agent trace you will see 

[05/03/2023][14:49:06][14:49:06.840][29245][140384612534016][26ce3022-68c5118b-bea27842-39e00f4d-4ccdf92a-18][ErrorPageImpl::displayMessage][Custom Error Pages : Redirecting to the specified URL. https://fedapp.example.com/affwebservices/dump_headers.jsp?responseCode=WebAgentException&uri=%2Faffwebservices%2Fdump_headers.jsp]