Proofpoint Adds Dynamic Fraud Prevention to Email Protection Solution

Proofpoint has announced it has added new functionality to the Proofpoint Email Protection solution to help businesses detect and block email spoofing attacks that attempt to fool employees into disclosing confidential information.

While there are many forms of email attacks, spoofing attacks are among the most successful. Cybercriminals impersonate known individuals –colleagues, contacts and trusted companies – to increase the likelihood of end users taking the desired action, which can be disclosing credentials, installing malware, visiting malicious websites, or making bank transfers to accounts controlled by criminals.

Figures released by the FBI suggest that more than $2 billion has been stolen by cybercriminals in the past two years, and impostor email attacks are on the rise. Since 2015, there has been a 270% increase in impostor email attacks typically impersonating high level executives such as the CEO and CFO. According to research from Proofpoint, half of the impostor emails it intercepted appeared, at first glance, to have been sent from the CFO and targeted human resources staff.

Out of these emails, just under a third were attempts to obtain the tax information of employees (W-2 Forms) and 20% requested wire transfers. The main problem with detecting these emails is there is little in the emails to analyze and distinguish the messages from genuine communications. There are no malware-infected email attachments, no malware downloaders, and no malicious URLs contained in the emails. “Stopping these threats requires both the right policies and a dynamic approach that incorporates all the potential indicators of an impostor email,” said Ryan Kalember, senior vice president of Cybersecurity Strategy for Proofpoint. “Our new capability automatically detects fraudulent email patterns, blocks messages and is easy to deploy.”

The impostor email classifier offers dynamic fraud prevention and classifies and quarantines these malicious emails, allowing sysadmins to quickly identify, report and stop this attack method. The new functionality has been incorporated into the Proofpoint Email Protection solution at no additional cost to customers.

Author: Richard Anderson

Richard Anderson is the Editor-in-Chief of