New: Block Access to Websites Behind Captcha or QR Codes

Administrators can now block access to websites that use Captcha challenges or QR codes when users click on re-written links, ensuring safer link handling and email protection.

When users click on rewritten links, Check Point’s advanced Anti-Malware and Anti-Phishing AI engines inspect the target content. However, some websites — particularly those hidden behind Captcha pages or containing embedded QR codes — can be harder to inspect.

To address this, admins can now enforce stricter policies:

• Block access to Captcha-protected pages
• Block access to QR-based pages, regardless of inspection results

How to configure:

1. Go to Security Settings → Security Engines → Click-Time Protection → Configure
2. Under the new sections:
   • Clicks on links leading to a Captcha page
   • Clicks on links leading to a QR page
     select one of the “Prevent access to the page” workflows.

These controls provide an additional layer of protection against phishing and evasion techniques, giving administrators full flexibility to align with their organization’s risk tolerance.

The feature is now being deployed gradually and customers should see it available in their portals within 14 days.