Email Fraud Protection

Email fraud is a big and growing problem

Email fraud attacks are highly-targeted, low volume attacks to impersonate people in authority. They prey on human nature—fear and the desire to please with the goal of stealing money or valuable information. This makes email fraud attacks difficult to detect and stop with a traditional security tools or a regular email protection service.

New research suggests the number of email fraud attacks is on the rise, and  three-quarters of organizations believe they’ve been targeted at least once.

It can happen to any company

When it comes to email fraud, no company is immune. Even some of the most tech savvy firms, the ones you’d think are most prepared, have been victims to email fraud.

In just one example, a Lithuanian man is accused of stealing more than $100 million in separate attacks on Google and Facebook in July 2017. The man allegedly spoofed a vendor in the companies’ supply chains. This case should serve as a wake-up call to all companies, even the most sophisticated, that they too can be victims of phishing attacks by cyber criminals if they don’t have a reliable phishing prevention solution setup.

Companies with self hosted systems like Office 365 should also get office 365 phishing protection setup, as Office 365 does not offer a solid built-in solution.

It’s not just CEOs anymore

Email fraud used to be strictly limited to targeting executives like CEOs and CFOs prompting demand for CEO fraud protection solutions. However, it doesn’t stop there. Attackers have begun impersonating a wider range of roles and identities within organizations.

Attackers are now going after employees in human resources, accounts payable, finance and even technology teams. According to research, individual contributors and lower-level management made up around 60% of attack targets.

It’s more than just losing cash

Increasingly, attackers are going after data rather than just cash. In about a third of email fraud attacks the attackers went after money, but in about half of the cases, the company lost sensitive data.

The impacts to business can be far more than just direct financial losses too. Business disruption was the most common effect according to 56% of participants in one survey who were hit by an email fraud attack. And in nearly one in four attacks, someone was fired for letting it happen.

Preventing email fraud requires advanced technology

There exists technology today to prevent email fraud. Surprising, less than half of the companies surveyed had deployed it to protect themselves.

Email authentication is the essential defense for protecting your company and employees from email fraud. Email authentication is comprised of three separate technologies working together:

  1. SPF (Sender Policy Framework)
  2. DKIM (DomainKeys Identified Mail)
  3. DMARC (Domain-based Message Authentication, Reporting & Conformance)

Used together, these technologies can stop the two main sources of email fraud: domain name spoofing and display name spoofing.

Enterprise-class email protection without the enterprise price

For flexible per-user pricing, PhishProtection’s integrated email security solution protects your employees from business email compromise (BEC) and many other email threats. 24×7. On any device. With features you’d expect in more expensive solutions:

All Plans Come With

  • Stops business email compromise (BEC)
  • Stops brand forgery emails
  • Stop threatening emails before they reach the inbox
  • Continuous link checking
  • Real-time website scanning
  • Real time alerts to users and administrators
  • Protection with settings you control
  • Protection against zero day vulnerabilities
  • Complete situational awareness from web-based console