F5 Logo MyF5
Search
  1. MyF5 Home
  2. F5 Fraud Protection Service: BIG-IP Configuration
  3. Detecting Phishing Attacks
  4. Overview: Detecting Phishing Attacks
  5. Configuring phishing detection on a URL
Manual Chapter : Configuring phishing detection on a URL

Applies To:

Show Versions Show Versions

BIG-IP FPS

  • 17.1.2, 17.1.1, 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.0
Manual Chapter

Configuring phishing detection on a URL

Configure phishing detection on a URL if you want the system to check for phishing attacks on the web page of the URL, and send an alert to the FPS Dashboard if an attack is detected.
  1. On the Main tab, click
    Security
    Fraud Protection Service
    Anti-Fraud Profiles
    .
    The Anti-Fraud Profiles screen opens.
  2. From the list of profiles, select the profile on which you want to configure phishing detection.
    The Anti-Fraud Profile Properties screen opens.
  3. In the Anti-Fraud Configuration area, click
    URL List
    .
    The URL List opens.
  4. Click the URL on which you want to configure phishing detection (or click
    Add
     if you want to define a new URL with phishing detection).
    The URL Properties screen opens.
  5. In the URL Configuration area, select
    Phishing Detection
    .
  6. Select the
    Enabled
     check box for
    Phishing Detection
    .
    The Phishing Detection configuration options appear.
  7. Select the
    Enabled
     check box for the
    Log credentials theft by a phishing site
     setting if you want the system to log the user names and text fields (not passwords) of users attacked by a phishing attempt on this URL.
    This setting does not appear if
    Web page copy detection
     (in the Advanced settings) is disabled.
  8. Click
    Advanced
    .
  9. Select the
    Enabled
     check box for the
    Web page copy detection
     setting if you want the system to detect whether the web page for this URL has been copied and send an alert to the FPS Dashboard if it determines that this happened.
  10. Select the
    Enabled
     check box for the
    JavaScript removal detection
     setting if you want the system to detect whether JavaScript is missing from the web page of the URL and send an alert to the FPS Dashboard if it determines that this happened.
    This is part of the system's phishing detection backup mechanism.
  11. In the
    Location of Phishing Inline JavaScript and Image Injection
     field, select whether you want the phishing inline JavaScript and phishing image to be injected before or after the tag that you specify in the Tag field.
    The phishing inline JavaScript must be injected into the HTML after the main FPS JavaScript.
  12. In the
    Input field types to include in alerts
     field, type HTML input field types (such as
    text
     or
    checkbox
    ) on the web page that you want to include in alerts.
    For example, if you add
    text
    , the system attaches the values of all
    text
     input fields on the web page to alerts.
  13. Click
    Save
    .
    The URL configuration settings are saved.
Contact Support Contact Support

Have a Question?

Support and Sales >

About F5

Education

F5 Sites

Support Tasks




©2023 F5, Inc. All rights reserved.


Trademarks Policies Privacy California Privacy Do Not Sell My Personal Information