Phishing email

The dangers of a phishing email attack.

The dangers of a phishing email attack.

A phishing email attack is a fraudulent attempt to trick an email recipient into sharing sensitive information like login credentials, account information or personal data. The sender of a phishing email typically poses as a reputable business or known person to get the recipient to click on a link or open an attachment. In a spear phishing email, the attacker attempts to gain access to confidential data by posing as a trusted source, often within the same company. And in a form of phishing known as whale phishing, attackers can impersonate a high-level executive, tricking another employee into sending money to an account that turns out to be a sham or distributing sensitive corporate or personnel data.

Despite widespread education and efforts to make users aware of the dangers of this kind of fraud, phishing email attacks are surprisingly successful. In fact, 91% of hacking attacks today start with some kind of phishing email1. The costs of a successful phishing attack can reach into the millions of dollars, due to fines and legal action as well as business disruption, damage to corporate reputation and loss of customer confidence.

1"How to Bridge the Email Security Language Gap Between IT and the C-Suite" – Mimecast blog post by Orlando Scott-Cowley, 10/2015

Stopping a phishing email threat with Mimecast.

To mitigate the risks of a phishing email attack and improve spear security, Mimecast offers Targeted Threat Protection. This cloud-based service – part of Mimecast’s all-in-one subscription service for email security, archiving and continuity -- extends traditional gateway security to protect against all forms of a phishing email attack.

Mimecast’s service scans email in real-time to identify suspicious messages. With Mimecast, organizations can combat threats from a phishing attack with:

  • Comprehensive protection that is easy to manage and that requires no additional infrastructure or IT overhead.
  • Defenses that can be implemented instantly on and off the corporate network, including mobile devices.
  • Granular reporting for greater insight with real-time, end-to-end threat analysis.

How Mimecast technology prevents a phishing email attack.

Mimecast Targeted Threat Protection defends against every type of phishing email threat.

Impersonation Protect identifies a whaling attack that uses social-engineering to trick employees into divulging confidential data or wiring funds to a fraudulent account. Mimecast scans all inbound emails in real-time, searching for specific signs of fraud in the header, domain and content of the message.

URL Protect prevents a phishing email attack by scanning all URLs within incoming and archived emails on every click and opening websites only if they have been determined to be safe.

Attachment Protect defends against weaponized attachments by sandboxing attachments and allowing only safe documents to be sent on to the user.

Learn more about addressing the threat of phishing email attacks, and about Mimecast’s solution for spam protection and ransomware protection.