Protect Yourself from Imposter Email Threats with VCPI [Infographic]


vcpi About The Author

November 7, 2016

Recently, VCPI implemented a new email protection solution, Proofpoint, for all of our clients. The new solution stops malware and non-malware threats such as imposter emails that are more difficult to detect and have cost businesses more than $2.3 billion. The technology actively assesses the reputation of the sender for accurate protection.

Because these threats do not use malicious attachments or URLs, impostor emails can evade solutions that look for only malicious content or behavior. That’s why they require a different approach. An effective solution must dynamically analyze the attributes of all email as it arrives and detect anomalies that point to an impostor.

What are imposter emails?

  1. Spoofed name: This email has the name of the spoofed executive in the “From” field. But the email address is an outside email account (such as Gmail) that belongs to the attacker.
  2. Reply-to Spoofing: The “From” name, address field and reply-to name are the real ones of the executive being impersonated. But the “Reply-to” address is the imposter’s.
  3. Lookalike Domain: The attacker’s “From” address is close enough in appearance to the impersonated executive’s to fool busy recipients.
  4. Spoofed Sender (With no Reply-to Address): The imposter email uses the name and email address of the spoofed executive, but the email does not contain a “Reply-to” address.


BEC, Business Email Compromise, CEO Fraud, CEO Phishing, Impostor Email Threats


You may also like...

How to Protect Your Assets From Malicious Email Threats [Infographic]

Don't Be Fooled by Your "CEO"

Protect Yourself from Malware