Secure Intercom browsing
Secure Intercom browsing means protecting support and success teams from risky links and file shares while they handle customer conversations in a browser.
Quick answer
Legba can isolate browser sessions while your team uses Intercom.
Support tooling often bridges into sensitive systems. Isolation helps reduce exposure from external links, attachments, and untrusted portals used alongside Intercom.
This page does not imply an official integration with Intercom—it’s a guide to securing browser workflows around the app.
When you need this
- Your team uses Intercom in a browser every day.
- You want to reduce phishing, malicious downloads, and session theft without slowing users down.
- You need role-based policies for employees, admins, and contractors.
Last updated
2026-01-29
Common browser risks
- Customer-provided links leading to phishing pages, scam sites, or malware downloads.
- Attachments shared in conversations that contain malicious files.
- Impersonation attempts where attackers pose as customers to request credential resets or sensitive actions.
- Session hijacking risk from high volumes of external content and link-clicking.
- Copy/paste leakage of customer data into untrusted tools or AI prompts.
Typical sensitive data in Intercom
- Customer identity and account details (PII).
- Conversation transcripts and internal notes.
- Attachments and screenshots shared for troubleshooting.
- Links to customer environments and internal tools.
- Automation rules and templates.
- Admin and access settings.
Recommended policies by role
Support
- Open customer links in isolation by default; treat them as untrusted.
- Restrict downloads of attachments from unknown senders; scan and release through a controlled workflow.
- Avoid pasting customer PII into untrusted web tools or AI prompts; use approved systems for summarization and analysis.
IT Admins
- Enforce extension allowlists and permission controls for support teams.
- Isolate unknown domains and redirect chains commonly encountered in support workflows.
- Use separate profiles for admin actions vs daily support work.
Security
- Use isolation for investigation of suspicious links and scam pages encountered by agents.
- Monitor for unusual exports and admin changes in customer support platforms.
- Deploy controls to reduce data leakage into AI tools from browser-based support workflows.
FAQs
Are support chat tools a common attack vector?
They can be. Attackers exploit any channel that gets agents to click external links or open files from unknown sources.
Does isolation slow down support work?
When scoped to unknown links and risky domains, isolation typically keeps work fast while reducing endpoint exposure.
Should we block all external links in support chats?
That usually breaks support. Isolating unknown links and controlling downloads is a more practical approach.
How do we reduce data leakage risk?
Treat customer data as sensitive: prevent copy/paste into unapproved tools and enforce policies for AI prompts.