2019 State of Email Security Report
Actionable steps to improve your organization’s email security and cyber resilience.
Mimecast's Targeted Threat Protection - Impersonation Protect provides instant and comprehensive detection against the latest malware-less social engineering-based email attacks, protecting organizations from attackers exploiting their name and reputation, well-known Internet brands, and third-party organizations they may work with.
Not all email-borne attacks use malicious URLs or attachments. Business email compromise or impersonation attacks often use social engineering and are designed to trick key users such as finance, executive assistants, and HR into making wire transfers or providing other monetizable information to cybercriminals.
They do this by pretending to be the CEO, CFO, or other important people in the organization and can even impersonate your trusted partners or other well-known internet brands. Some also target departments responsible for sensitive employee data, such as payroll, which is used for identity theft. Detecting and blocking these types of attacks requires deep inspection of the content of an email without impacting delivery speed.
Its capabilities include:
Real-time scanning of all inbound emails to detect header anomalies, domain similarity, recency of the sending domain, sender spoofing, and suspect email body content.
External domain similarity protection to prevent attackers from exploiting trusted third-party relationships and well-known internet brands.
Inspection across various international character sets to detect domain similarities.
Administrator control over handling of emails; discard the message, quarantine it, or warn the receiver that the email is suspicious.
A Mimecast managed and Custom Targeted Threat Dictionary identifying key terms attackers use.
Centralized policy management makes it easy for administrators to manage, report and discover attack campaigns.
Mimecast Targeted Threat Protection – Impersonation Protect provides comprehensive real-time protection against malware-less social engineering attacks in email, including CEO fraud, business email compromise and W2-fraud.