I have many genuine messages that Libra Esva highlight with Possible Fraud red string in the email body? Why?
Phishing Attacks look like a genuine email message from your bank, which contain a link to click on to take you to the web site where you will be asked to type in personal information such as your account number or credit card details. Except it is not the real bank’s web site at all, it is a very good copy of it run by thieves who want to steal your personal information or credit card details. These can be spotted because the real address of the link in the message is not the same as the text that appears to be the link.
Libra Esva mantaines a regular updated list of known Bad Phishing sites and Safe Phising sites. It is possible add custom entries to avoid inline Phishing warnings for safe sites, like for example intranet websites. Or you can explicit add Bad Phishing Sites. For example if you had HTML that looked like this: “Please tell us at < a href=”http://email.bank.com/” >Bank.com < /a >” then you should add “email.bank.com” to this list as safe. You can also use wildcards, so you can list *.bank.com instead of listing multiple web servers individually. Compile with care as this could expose your organization to unsecure contents!