It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Campus Barracuda Campus
Barracuda Email Gateway Defense
formerly Email Security
Overview Documentation Training Materials

Understanding Link Protection

  • Last updated on

Link Protection is available for both paid and trial subscriptions.

Note that Email Gateway Defense maintains a list of exempted domains for Link Protection.

See Anti-Fraud and Anti-Phishing Protection for more information on link protection and typosquatting.

Enhancements to Link Protection are now powered by multimodal AI, aiming to strengthen our URL analysis and detection capabilities while performing comprehensive examinations of artifacts using Large Language Models and a specialized, AI-driven sandbox engine. By integrating multimodal AI into Link Protection, we will improve our detection capabilities through a multi-layered approach, enhancing our detection accuracy while also lowering the time and costs related to scanning. For example, the average scan duration will be significantly reduced, enabling us to respond more quickly to potential threats.

You can configure Email Gateway Defense to perform real-time analysis of URLs and domains so that the user is safely redirected to a valid domain or to a Barracuda Networks domain warning of the fraud. Rewritten URLs do not expire and function indefinitely.

Table 1. Frequently Asked Questions

Question

Description

When Link Protection is enabled, are there URLs that are not rewritten?

The following are exempt from Link Protection:

  • Sender email addresses added under Inbound Settings > Sender Policies

  • URLs/domains under Intent Domain Policies set as Ignore

  • URLs/domains that are trusted by Barracuda Networks

When Link Protection is enabled, URLs are not rewritten if:

  • The URL is exempt

  • The URL is contained in an encrypted message

  • The URL is within an attachment

How do you confirm whether a URL has been rewritten?

To confirm whether a URL has been rewritten, hover over the URL to view the Link Protection rewrite. For example:

  1. Hover over the URL  http://www.codestore.net/  

  2. The link displays as:
    https://linkprotect.cudasvc.com/url?a=http://www.codestore.net&c=E,1,5bEVim247z1fGhtUhmYwbNu1H8iIZr4
    NrgaCfUxKZdTyuUxW48gwPUfsoILDy-FCjYA5-2MCgtJlXy5N3PAFAD47XFHidB4K4cNJC7Z-FhFR1P96vPVq&typo=1  
    indicating the URL has been rewritten.

What happens when a user clicks a rewritten URL?

If a user clicks a rewritten URL, the following is true:

  • If the URL is considered bad, the user is redirected to the  Barracuda Link Protection Service Access Denied warning page which displays details about the blocked URL including the link:
    image2021-1-25 14:8:12.png

  • If the URL is considered good, the user is redirected to the website.

  • There is no noticeable delay when a user clicks on a rewritten URL; rewritten URLs are verified in real-time to ensure the latest status determines it to be safe.

  • Each time a URL is clicked its status is verified before the redirect is allowed.

  • If the redirection service is unavailable, that is, Barracuda Networks cannot verify the URL's reputation, the user is redirected to the original link.

What if a domain name is misspelled?

When Link Protection is enabled and common typos are found in the URL domain name, the URL is rewritten to the correct domain name so that the user visits the intended website.