Malicious Categories

Multicloud Defense considers the following categories to be particularly malicious:


| Category Name | Category Description |
| --- | --- |
| Malware Sites | Sites hosting malicious content including executables, drive-by infection sites, malicious scripts, viruses, trojans, and code. |
| Phishing and Other Frauds | Phishing, pharming, and other sites that pose as a reputable site, usually to harvest personal information from a user. These sites are typically quite short-lived. |
| Proxy Avoidance and Anonymizers | Proxy servers and other methods to gain access to URLs in any way that bypasses URL filtering or monitoring. Web-based translation sites that circumvent filtering. |
| Keyloggers and Monitoring | Software agents that track a user's keystrokes or monitor their web surfing habits. Often used for collecting sensitive data such as usernames and passwords. |
| SPAM URLs | Sites known to distribute unsolicited email (spam) messages. |
| Spyware and Adware | Spyware or Adware sites that provide or promote information gathering or tracking that is unknown to, or without the explicit consent of, the end user or the organization, as well as unsolicited advertising popups and programs that may be installed on a user's computer. |
| Bot Nets | These are URLs, often IP addresses, which are determined to be part of a Bot network, from which network attacks are launched. Attacks may include SPAM messages, DOS, SQL injections, proxy jacking, and other unsolicited contacts. |

Multicloud Defense offers traffic analysis when viewing traffic via Discover > Traffic > DNS and Investigate > Flow Analytics > Traffic Summary, where a pre-defined Malicious Categories filter can be selected to show instances and VPCs communicating with these Malicious Category FQDNs and URLs.

The full list of categories is shown below.