Imperva Cyber Community

communities_1.jpg
 View Only
  • 1.  Report phishing

    Posted 12 days ago
    Edited by Jose Yero 12 days ago
    Hi guys.

    Recently my domain was reported as phishing, when analyzing the report the following result is obtained:

    Can anyone help me what it means and if maybe it could be associated with some vulnerability of my domain?
    #On-PremisesWAF(formerlySecuresphere)


  • 2.  RE: Report phishing

    Posted 3 days ago
    Hi,

    First it was reported phishing in what aspect?
    1. Referrers from your domain 
    2. or email addresses from your domain
    There could be lots of reasons:
    1. Open mail relay
    2. incorrectly configured MX parameters for the domain name.
    3. etc

    I would start with who is reporting this as phishing, they should have details on why it was determined, and how to resolve it and what to do to have that domain removed from said list.

    The WAF protects requests coming in, and not going out. Meaning if your domain is getting reported as phishing, something is going out from your server to get it on that list. This would mostly fall out of scope for Imperva Support.

    Regards,

    ------------------------------
    Sarvesh Lad
    Tech Lead @ On-Prem Managed Services (WAF, DAM, DRA & Sonar)
    ------------------------------