Activity Forums Salesforce® Discussions How can we prevent phishing attacks in Salesforce?

  • Mohit

    January 29, 2018 at 8:41 am

    Hi Manpreet,

    Phishing is a social engineering technique that attempts to acquire sensitive information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication. Phishers often direct users to enter details at a fake website whose URL and look-and-feel are almost identical to the legitimate one.

    Salesforce Ongoing actions to avoid phishing:-

    • Actively monitoring and analyzing logs to enable proactive alerts to customers who have been affected.
    • Collaborating with leading security vendors and experts on specific threats.
    • Executing swift strategies to remove or disable fraudulent sites (often within an hour of detection).
    • Reinforcing security education and tightening access policies within Salesforce.
    • Evaluating and developing new technologies both for our customers and for deployment within our infrastructure.

    Salesforce recommendation to avoid phishing:-

    • IP range restrictions.
    • Decrease Session Timeout Thresholds
    • Educate Users About Phishing.
    • Two-Factor Authentication.
    • Salesforce Password Policies.
    • Use Transaction Security to monitor events and take appropriate actions.

    Hope this may help you.

Log In to reply.

Popular Salesforce Blogs

Popular Salesforce Videos