3 Replies Latest reply: Jul 31, 2015 12:52 PM by jlatimer RSS

    Click Protect Changes Links


      When using Click Protect the service will change the hyperlink in the email.  While clicking on the link will either bring you to the original site or the Click Protect page, it is modifying the email.  My web developers are not able to copy and paste links provided by clients withough having to go through extra steps to acquire the actual URL.  It is causing productivity issues.  Secondly, the service, by modifying the email is tampering with original source documents that clients send to us. Not good if you ever have to defend yourself when email is involved.  As an expert witness I could have a field day with this fact.  I do not care what the process is.  The email is not what the client sent. 


      How can this be changed so our links are left alone? 


      Any help would be greatly appreciated.



        • 1. Re: Click Protect Changes Links
          Brad McGarr

          In order to provide protection, ClickProtect must re-write URLs to redirect to the secure filter. This is the function of that module of the service. You may disable ClickProtect and URLs will no longer be affected nor protected.

          • 2. Re: Click Protect Changes Links

            gww, thanks for your post. I think Brad summed up the situation, but to rehash a few critical points:


            1. ClickProtect is off by default. As a casual observer, I would have interpreted your original post as implying that it was turned on by default or without your knowledge, which is never the case. Each customer should weigh the pros and cons of any security technology against their specific needs. We fully expect that ClickProtect will be too invasive for some users and exactly "what the dcotor ordered" for others. The same goes for many security technologies. Encryption, for example, has clear beneifts, yet not everyone uses it.

            2. ClickProtect allows for various levels of protection that can be selected on a per policy basis. Some levels are less intrusive than others.

            3. This functionality has been around for years and years. It hasn't always been this advanced, but URL re-writing has been around for a long time and...

            4. I'm not aware of a single instance where a URL re-write for the purposes of threat detection has resulted in a spoliation claim. The fact is that many threats now arrive in the form of a URL rather than a file attachment. Stripping file attachments has been a widely accepted practice for years and amounts to basically the same things as a URL re-write. Given the risks and losses that business see every year due to phishing attacks, I would expect this to be considered a "reasonable" measure for business to take to protect their networks from data leakage and all other manner of bad things.



            Sr. Product Manager



            Notice: The information contained herein is for informational purposes only and should not be deemed an offer by McAfee or create an obligation on McAfee. McAfee reserves the right to discontinue products at any time, add or subtract features or functionality, or modify its products, at its sole discretion, without notice and without incurring further obligations.

            • 3. Re: Click Protect Changes Links



              We've been using Click Protect for a while now and contrary to your statement in #4 above and I have multiple examples where CP causes spoliation. These range in severity. Some instances cause Click Protect to result in a page not able to be scanned resulting in an "ERROR VALIDATING WEB ADDRESS" message. Others result in a 404 message on the far end website. Sometimes we've seen "one time use" URLs, as used with reseting passwords, resulting in an error because the scanning of the URL invalidates any future use of the URL. I believe there needs to be some sort of tool introduced to allow users (or at least administrators) to allow Click Protect to remain in place and functioning, but when faced with a URL that has issues, to be able to "decrypt" the URL and see the original unaltered version. I think of this similar to the way a bit.ly link can be decrypted would be ideal.



              FSU College of Medicine