Hiding the Original URL from Re-Written URLs
Harmony Email & Collaboration can hide the full path of the original URL from end users to prevent them from bypassing URL security.
Link re-writing, or Click-Time Protection, is extensively used by organizations to prevent advanced phishing attacks, where the website behind a phishing link is weaponized only after the email is sent and inspected.
By default, re-written (replaced) links include the original URL in their full path.
For example: https://protect.checkpoint.com/v2/___https://www.acme.org/lorem/ipsum/dolor.aspx___.YXAzOnByb2…
On the one hand, this re-written link format helps with readability and allows users to evaluate the link that was originally sent to them.
On the other hand, savvy users can copy the original link and paste it in their browser, essentially bypassing the security measures put in place by the organization.
Harmony Email & Collaboration now allows obfuscating the full path of the URL, leaving only the URL domain visible.
For example: https://protect.checkpoint.com/v2/___https://www.acme.org/NsyjwsfqrjidLjsjyn.fxuC___.YXAzOnByb2…
This way, users can roughly understand where the link points to, without allowing them to bypass the security.
To obfuscate the full path of the re-written URL, go to Security Settings > Security Engines > Click-Time Protection > Configure > Re-written URL and select the only original URL domain… option.
Note – this feature is being deployed gradually. You should see it in your portal during the next 2 weeks.