LATEST INTELLIGENCE
At Proofpoint, we take a similar approach
to securing your email. This guide explains
how our multilayered defence uses identity
control and content analysis to protect
organisations from email fraud. people into doing something on the
attacker’s behalf.
Identity control: who’s really sending
that email? If you can verify whether the email was sent by
who it says it’s from – and block any impostors
– you can stop many of these threats outright.
Email fraud can be hard to detect with
conventional cyberdefences. That’s
because it is highly targeted and sent
in low volumes aimed at specific people
or job roles. These emails don’t have a
payload. So there’s no attachment or
URL for security tools to detect, analyse
and sandbox. The messages are socially
engineered for one sole purpose: tricking
Due to the nature of email fraud, you need to
validate the true identity of the email sender.
Authentication
For identity control, we start with email
authentication. This step stops attackers
who try to hijack your email domain, a
technique called domain spoofing. With
email authentication, only someone from
your company – or someone you authorise
– can send email using your domain. This
stops many attacks in their tracks. DMARC
authentication allows email senders to
indicate that their messages are protected
by two popular authentication techniques.
And it tells receivers what to do if neither of
those authentication methods passes.
Proofpoint helps you to implement DMARC
authentication quickly and confidently. We
give you visibility into all the email coming
into and going out of your organisation.
With this visibility, you can authorise all
legitimate senders trying to send emails on
your behalf – and block any malicious emails
spoofing your trusted domains or those of
your suppliers. n
Download whitepapers free from www.intelligentcio.com/me/whitepapers/
www.intelligentcio.com
INTELLIGENTCIO
21