It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

Attention

As of March 1, 2022, the legacy Barracuda Essentials Security, Compliance, and Complete editions are no longer available for purchase. Only existing customers can renew or add users to these plans.

Following October 30, 2022, the documentation and trainings will no longer be updated and will contain outdated information.

For more information on the latest Email Protection plans, see Barracuda Email Protection.

To update your bookmarks, see the following for the latest documentation and trainings:

Note that MSP customers should continue to follow Barracuda Essentials for MSPs.

Anti-Fraud and Anti-Phishing Protection

  • Last updated on

If you make setting changes, allow a few minutes for the changes to take effect.

Phishing scams are typically fraudulent email messages that appear to come from legitimate senders, for example, a university, an Internet service provider, or a financial institution. These messages usually contain a URL that, when clicked, directs the user to a spoofed website or otherwise tricks the user to reveal private information such as login, password, or other sensitive data. This information is then used to commit identity and/or monetary theft.

You can configure the Barracuda Email Security Service to evaluate and rewrite fraudulent URLs so that, when clicked, the user is safely redirected to a valid domain or to a Barracuda domain warning of the fraud.

To configure, log into the Barracuda Email Security Service, and go to the Inbound Settings > Anti-Phishing page:

  • Anti-Fraud Intelligence – This Barracuda Networks anti-phishing detection feature uses a special Bayesian database for detecting Phishing scams.

  • External Sender Warning – When set to On, adds a banner to the top of all inbound emails that originate from outside your organization, cautioning your users about opening attachments and clicking links.

    If the email body does not contain any text or html, the external warning will not be added.

  • Intent Analysis – When set to On, the Barracuda Email Security Service scans for links inside documents sent as attachments in email. Scanning occurs when the message is processed and delivered. This process checks the links inside attachments for malicious content. If malicious content is detected in the message, the Content Intent action is performed on the message:
    • Content Analysis – Select whether to Block, Quarantine, or Defer messages detected by Intent Analysis to contain malicious content. Set to Off to take no action.
  • Link Protection – When set to Yes, the service automatically rewrites a deceptive URL in an email message to a safe Barracuda URL, and delivers that message to the user.

    The following are exempt from Link Protection:

    • Sender email addresses added under Inbound Settings > Sender Policies
    • URLs/domains under Intent Domain Policies set as Ignore
    • URLs/domains that are trusted by Barracuda Networks

    When Link Protection is enabled, URLs are not rewritten if:

    • The URL is exempt
    • The URL is contained in an encrypted message
    • The URL is within an attachment

    Note that the Barracuda Email Security Service maintains a list of exempted domains for Link Protection.

    Link protection employs the Advanced Threat Protection (ATP) service when evaluating URLs that could lead the user to open a bad file. To disable ATP for links, you must disable Link Protection.

    When the user clicks the URL, the service evaluates it for validity and reputation. If the domain is determined to be valid, the user is directed to that website. If the URL is suspicious, the user is directed to the Barracuda Link Protection Service warning page which displays details about the blocked URL, for example:

     

    linkprotect_example1.png

     

    To minimize false positives and page load delays, Barracuda maintains a list of domains considered safe. Because of this, some links detected in messages are wrapped while others are not. For example, Barracuda Networks does not currently wrap google.com, but does wrap googlegroups.com because it provides user-generated content.

  • Typosquatting Protection – Typosquatting is a common trick used by hackers to fool users into thinking they are visiting a valid domain but the domain name is misspelled. Typosquatting is detected only if the URL is rewritten, that is, if it is not exempt. When clicked, the user is taken to a different domain that may be spoofing the expected domain. The Typosquatting Protection feature checks for common typos in the URL domain name and, if found, rewrites the URL to the correct domain name so that the user visits the intended website. For example, if the URL https://www.tripadivsor.com (where the 'i' and 'v' positions are switched in the domain name) appears in an email message, the service detects the typo and rewrites the URL to the valid domain https://www.tripadvisor.com . Note that Link Protection must be set to Yes before you can enable Typosquatting Protection.