Loading...
Loading...

FAQ: What do users see when browsing is blocked or allowed by the Blended Threats service?

Expand / Collapse


This article applies to:

  • Trustwave MailMarshal (SEG)
  • Blended Threats service

Question:

  • What do users see when the Blended Threats service blocks browsing to a URL?
  • What do users see when the Blended Threats scan determines that a URL is safe?

Reply:

When Trustwave SEG processes a message using the Blended Threats function, URLs in the message subject and body are updated so that the URL content can be scanned in real time.

When the user clicks a rewritten URL, the Blended Threats server evaluates the page using several validation methods, potentially including a live scan of page behavior. 

  • While the evaluation is in progress, the user may see a "Scanning - Please Wait" notice.
  • Once evaluation is complete, if no threats are found the user will be notified and redirected to the original site.
  • The service caches results for a short period. If the target page was very recently checked and no threats were found, the user will immediately be notified and redirected to the original site.

Caution: Even if no threats are found, users should always takedue care, particularly if the site requests credentials or personal information.

If the content is blocked the user will see a result similar to the below image. Detailed information varies depending on the specific functionality that returned the result.

In some cases the scan notes a page as suspicious, but with lower confidence. In these cases the validator page presents a warning, but allows click-through to the original site.


To contact Trustwave about this article or to request support:


Rate this Article:
     

Add Your Comments


Comment submission is disabled for anonymous users.
Please send feedback to Trustwave Technical Support or the Webmaster
.