Tag and identify external email that appears to be from a known From address. This is often known as CEO or Friendly From Spoofing.
We can detect when your users are getting emails with your CEO’s name combined with a random email address, or emails from their colleagues sent from an external email address.
To guard against display name spoofing you will upload a list of your users to the Address Book in the portal.
One this is completed each incoming message will do a "fuzzy search" based on the sender of that message to determine if it might be an impersonation attempt.
Here are some common examples:
CFO of the company is named Jane Smith and her email address is jane.smith@our-company.com.
If an email message comes in with a FROM looking something like these:jsmith@another-company.comJane Smith <jsmith@another-company.com>J Smith <jsmith@another-company.com>Jane Smith <jane.smith@another-company.com>J Smith <jane.smith@another-company.com>J Smith <janesmith@another-company.com>
These emails will be tagged and identified as possible spoofed emails.