In the worst case scenario, a user clicking on a phishing link could lead to complete compromise of the corporate network.
Security professionals can mitigate this risk by using Response Policy Zones (RPZs) to block access to malicious sites by preventing the DNS from resolving to malicious domains and IP addresses. This protects users from visiting newly-registered malware dropper sites and bad IP addresses that pose a significant risk.
Spamhaus Technology Response Policy Zones use domain and IP reputation data from Spamhaus’ real-time threat intelligence data to protect users' computers from connecting to harmful sites as soon as the domains are registered and before they can compromise users’ computers and harm your network.
Developed in collaboration with Deteque and ISC, Spamhaus Technology RPZ helps to prevent data loss by disrupting communications between C&C servers and infected botnet nodes on your network.
Use RPZs for phishing awareness
Rather than simply returning NX Domain, organizations can also use RPZs to improve security awareness by redirecting employees to a page warning of the dangers of visiting particular websites or clicking on links in phishing emails.
This approach can be used to identify users who would benefit from training in how to spot and avoid clicking on phishing links and reinforces your organization’s technological defences with user education.
Spamhaus RPZs updated every few seconds
Spamhaus RPZs are updated up to every sixty seconds and only changes to the lists are broadcast, so that updates can be propagated to all domain name servers worldwide in a matter of seconds. This provides network administrators, security professionals and service providers with the most current threat intelligence to protect their networks from being compromised by people clicking on phishing links, or browsing untrustworthy sites. As soon as the new RPZs are propagated, your network users are unable to connect to listed domains and IP addresses: mitigating the threat from new malicious domains.