Best answer by SsherjjView original
Email and email attachments
Hi everyone! Question for you -- are email and email attachments protected by Webroot?
Already have an account? Login
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.
Welcome to the Webroot Community,
Emails aren't scanned by Webroot, but as soon as you try to run a malicious attachment WSA would block the execution and protect your PC. Also if you would click on a link in an email the URL will be scanned against the cloud database.
You have to keep in mind that WSA works a bit different than other antivirus solutions; instead of scanning everything all the time and wasting hardware resources, Webroot tries to intelligently protect your PC against threats.
The Webroot WIN Cloud does all the work not your PC: http://www.brightcloud.com/platform/webroot-intelligence-network.php
Here is the PC User Guide
Hope this helps?
Understanding how Webroot works is what got me to question how it works with email, since that has been the number one attack vector at customers. The customers' emails are scrubbed at the mail server, but they still get through. Users still get tricked all to often, especially young, new employees.
Webroot's anti-ransomware is certainly novel because it can mitigate the damage from zero-day ransomware threats. However, I'm not wild about the idea of having malware emails and files lying dormant on a computer and having it become a source of infected files through email or network sharing.
Let me know if I'm missing something here, but it appears that the malware lies dormant and undetected unless the machine where it is installed attempts to execute it, and links in emails are not checked until you attempt to follow the link?
Welcome to the Community Forums.
I could reply/explain but I think you need the 'professional' response to this...
Does that mean that they would be stripped from POP3 messages when they are downloaded into Outlook?
They COULD link to a file from an attachment but attachments of any kind are part of the email and usually encoded in MIME Base 64. I guess I am to assume that when the executable from an attachment is reconstructed and attempts to execute, it would be caught.
This question was also asked of Microsoft:.
Question: Does Windows Defender scan email?
Answer: No. There is no need for this to be done. What is important are attachments and links in email. When you attempt to open or save an attachment, or open a link, Windows Defender’s real-time protection inspects those items.
Thus, while not indicating that I'm convinced leaving infected files and emails laying about where they can be forwarded, Webroot is not alone in their approach.
But I suppose the argument Webroot would come back with is that the protection of that third party is not their primary remit, but they are providing as powerful and at the same time as lightweight a protection of their users' computers as possible.
Because Webroot has so many plusses I am evaluating software to mitigate this.
To some degree until or if Webroot comes up with their own. It would seem that adding it would allow them to use the same engine and very few system resources, and I would think it would not be heavy on their in-house resources and development resources. They have said they are looking at it, but reality is most likely it will be decided whether there is enough benefit for them financially to add it.
PS: I already proxy+spam classify now.