Web Threat Protection Service

                On campus, we utilize the Web to perform research and gather information. Some use e-mail and instant messaging tools to stay in touch with colleagues and friends. Downloading and sharing document files are daily activities. The Internet has become a critical resource for most people on campus.

                Unfortunately, the Internet can become a dangerous resource when we visit Web sites. We are being exposed to security threats while we perform these daily tasks trying to get our jobs done. In order to prevent these types of threats, Technology Services will be implementing the Web Threat Protection service.

What Are Web Threats?

                A Web threat is any threat that uses the Internet to perform malicious activities. The threats to which we are exposed daily vary great depending on what we are doing on the web. While browsing on the web, we may unknowingly visit malicious websites ¡V websites that have either been hacked into or designed specifically to distribute malware. When a user visits one of these sites, hackers can exercise control over the user¡¦s machine, download files, or install keyloggers or other malware.

How Do Web Threats Arrive?

                Web Threats arrive, spread, deliver additional exploits and entrench themselves via the Internet and may include Trojan horse programs, spyware, adware, pharming and other malware. They also may be triggered by a hyperlink or an executable file attachment in a spam e-mail.

Why Should I Care About Web Threats?

                Web threats are more pervasive today and the fastest growing threat vector. These evolving and carefully targeted threats are technologically sophisticated, comprised of multiple components, and spawn numerous variants. Because they often require no user intervention at all to infect a computer, the very act of browsing the internet may put computer users at risk. Web threats can enter our campus network in real time, posing immediate danger to our data, productivity, and reputation. 

How Can We Protect Against Web Threats?

                Prevention is always better than treatment so the most effective way to prevent Web Threats is to not let them get into our system in the first place - or at least make it as hard as possible.  Technology Services will implement the Web Reputation Service to combat today¡¦s Web threats. It provides protection for campus computer users to avoid malicious websites where these threats first emerge.

What Is Web Reputation Service?

                Web Reputation Service is one of Trend Micro's new features, which is capable of detecting and blocking Web-based security risks, including phishing attacks. 

How Does Web Reputation Service Work?

                Web Reputation Service is like a credit check for Web sites. Trend Micro assigns Web sites a reputation score based on many factors. This reputation score helps to determine whether or not the Web site is safe.

Based on the reputation score, Web sites are rated into the following threat types:

1. "a Web threat"

2. "very likely to be a Web threat", or 

3. "likely to be a Web threat" 

                Trend Micro Web Reputation Service blocks access to malicious Web sites based on the security level settings of Web Reputation Service policies.

What Types of Security Levels Are There?

There are four security levels that determine whether OfficeScan will allow or block access to a URL:

High: blocks a greater number of web threats but increases the risk of false positives

Medium: blocks most web threats while keeping the false positive count low

Low: blocks fewer web threats but reduces the risk of false positives

How Do I Know When A Website Is Blocked?

                When you try to open a Web threat site, you will see the following message in your browser:

 Although a website¡¦s address may appear to be one thing, it may be something completely different. For the above example, www.citywindsor.ca is the correct URL for the official city of Windsor website, however going to www.cityofwindsor.ca will redirect your browser to a different URL called landing.domainsponsor.com and it will consequently install adware, joke programs, and cookies on your machine.

                From this example, blocking one Web threat site can avoid adware and cookie installation and the possible consequences.

What Should I Do If A Website That I Need Is Blocked?

                If a Web site is blocked, Technology Services strongly recommends not opening the URL because it has been verified and rated by Trend Micro. If you feel that a Web site is safe and has been wrongly rated, please submit a SchoolDude incident (www.kirkwood.edu/request).  Use the problem type of Internet Filter and provide the blocked URL.  Your request will be investigated.