Recently, VCPI implemented a new email protection solution, Proofpoint, for all of our clients. The new solution stops malware and non-malware threats such as imposter emails that are more difficult to detect and have cost businesses more than $2.3 billion. The technology actively assesses the reputation of the sender for accurate protection.
Because these threats do not use malicious attachments or URLs, impostor emails can evade solutions that look for only malicious content or behavior. That’s why they require a different approach. An effective solution must dynamically analyze the attributes of all email as it arrives and detect anomalies that point to an impostor.
What are imposter emails?
- Spoofed name: This email has the name of the spoofed executive in the “From” field. But the email address is an outside email account (such as Gmail) that belongs to the attacker.
- Reply-to Spoofing: The “From” name, address field and reply-to name are the real ones of the executive being impersonated. But the “Reply-to” address is the imposter’s.
- Lookalike Domain: The attacker’s “From” address is close enough in appearance to the impersonated executive’s to fool busy recipients.
- Spoofed Sender (With no Reply-to Address): The imposter email uses the name and email address of the spoofed executive, but the email does not contain a “Reply-to” address.
You may also like...