ビジネスメール詐欺 (BEC) とメールアカウント侵害 (EAC)

BECとEACは同じではありません
多層アプローチが不可欠です

ビジネスメール詐欺(BEC)やメールアカウント侵害(EAC)による損害は壊滅的です。
またこれらの問題は複雑で、常に変化しています。
個人情報のなりすましは、情報漏えいにつながり、企業は数億円規模の不正取引の犠牲になっています。プルーフポイントの多層的なアプローチは、悪意のある詐欺実行犯があなたのビジネスに対して日々使っている多数の戦術に対処します。

アイデンティティの詐称は
あなたのビジネスを危険にさらす

誰かになりすましてメールを送信するビジネスメール詐欺 (BEC / Business Email Compromise) であれ、実際の誰かのアカウントを使ってなり代わってメールを送信するメールアカウント侵害 (EAC / Email Account Compromise) であれ、攻撃者はアイデンティティの詐称を利用しています。これが一般的なメール詐欺の要素であり、これに対処する必要があります。

ビジネスメール
詐欺 (BEC)

ビジネスメール詐欺 (BEC) は、被害者に金銭や個人情報を組織の外に送るように要求します。攻撃者は、CEOや財務担当副社長などの権限を持つ人物になりすますことでこれを行います。 BECやメール詐欺攻撃を阻止するには、以下のような対策の導入を検討してください。

  • なりすましや非常によく似たドメインを使ったメール詐欺攻撃をブロックする
  • 機械学習を利用して、すべてのメールコンテンツとヘッダーを分析する
  • グローバルメール認証ポリシーを有効にする
  • エンドユーザーの受信箱から不審なメールや不要なメールを削除する
  • サプライチェーンとビジネスパートナーに認証状況を開示する
  • ビジネスメール詐欺 (BEC / Business Email Compromise) を見破るための教育をエンドユーザーに提供する
  • なりすましや非常によく似たドメインを使った攻撃をブロックする

メールアカウント
侵害 (EAC)

メールアカウント侵害 (EAC / Email Account Compromise) は、攻撃者が被害者を騙して認証情報を窃取したり、他の手段で正規のアカウントにアクセスすることに成功した場合などに発生します。アカウントが窃取された場合、そのアカウントを使って組織内のネットワークを移動したり、データを盗んだり、ビジネスパートナーや顧客と不正に通信したりすることができます。メールアカウントの窃取を防止するためには、以下のようなソリューションが必要です。

  • クラウドアプリケーション全体でのブルートフォース攻撃や不審なユーザーの行動を監視する
  • 攻撃者によく狙われる要注意人物であるVAP (Very Attacked People)を特定する
  • 侵害されたメールアカウントのパスワードを強制的にリセットする
  • 認証情報の盗難を防ぐために、未知のウェブサイトへのアクセスは、読み取り専用アクセスを利用する
  • 認証情報を窃取する攻撃に対するエンドユーザーの脆弱性を評価する

BEC (Business Email Compromise)

ビジネスメール詐欺

プルーフポイントは、攻撃者が使用する多くの戦術に対処することで、ビジネスメール詐欺(BEC)から保護するための多層プローチを提供しています。多層アプローチで問題に対処することで、表示名のなりすまし、ドメインのなりすまし、よく似た類似ドメインを使用した脅威を防ぐことができます。また、BECの脅威がDMARCのEメール認証を使用してパートナーや顧客に影響を与えるのを防ぐことができます。教育と可視性を提供することで、お客様の組織がどのように攻撃を受けているか、また、個人やグループがメール詐欺攻撃に陥る可能性のある脆弱性を理解することができます。また、お客様の従業員がこれらの脅威に騙されずに詐欺を見抜く能力を向上させます。

EAC (Email Account Compromise)

メールアカウント侵害

エンドユーザがさまざまなアカウント間で認証情報を再利用する傾向があることから、メールアカウント侵害を防止するにはさまざまな脅威のベクトルに対応する必要があります。企業アカウントに限らず、これは個人アカウントにも影響します。クラウド・アプリケーション、電子メール、および個人のウェブメール全体を可視化し、制御することができます。これにより、認証情報の盗難を防ぎ、これらのアカウントにアクセスする不審な行動を特定することができます。メールアカウントの侵害の試みや、すでに侵害されているアカウントを特定できることは非常に重要です。このようにして、組織は感染とデータ損失の両方へのリスクに直面する領域を制限することができます。

Is Your Organization Protected Against BEC/EAC Attacks?

  • Can you detect and block impostor emails?
  • Can you defend against suspicious cloud account activities?
  • Do you have actionable visibility into who your most attacked people are?
  • Can your BEC/EAC defenses stop all tactics or just some of them?

Take the assessment today.

Question 1

My current solution effectively detects and blocks impostor emails from entering my organization.

  • I have no
    solution for this
  • Strongly
    Disagree
  • Disagree
  • Neither Agree
    or Disagree
  • Agree
  • Strongly
    Agree
0% complete

Question 2

My current solution helps implement DMARC authentication to prevent fraudulent use of my domains to protect my employees, business partners, and customers.

  • I have no
    solution for this
  • Strongly
    Disagree
  • Disagree
  • Neither Agree
    or Disagree
  • Agree
  • Strongly
    Agree
5% complete

View previous question

Question 3

My current solution helps me understand what DMARC policies I should create and enforce for inbound messages.

  • I have no
    solution for this
  • Strongly
    Disagree
  • Disagree
  • Neither Agree
    or Disagree
  • Agree
  • Strongly
    Agree
13% complete

View previous question

Question 4

My current solution uncovers suspicious cloud account activities, such as failed logins, that are indicators of account compromise.

  • I have no
    solution for this
  • Strongly
    Disagree
  • Disagree
  • Neither Agree
    or Disagree
  • Agree
  • Strongly
    Agree
20% complete

View previous question

Question 5

My current solution effectively detects and blocks advanced malware that are often used by attackers to compromise accounts.

  • I have no
    solution for this
  • Strongly
    Disagree
  • Disagree
  • Neither Agree
    or Disagree
  • Agree
  • Strongly
    Agree
27% complete

View previous question

Question 6

My current solution can defend against credential phishing at the time of click and post-delivery

  • I have no
    solution for this
  • Strongly
    Disagree
  • Disagree
  • Neither Agree
    or Disagree
  • Agree
  • Strongly
    Agree
33% complete

View previous question

Question 7

My current solution provides actionable visibility into human attack surface, such as who my most attacked people are, and which users are being attacked with impostor and credential phishing threats

  • I have no
    solution for this
  • Strongly
    Disagree
  • Disagree
  • Neither Agree
    or Disagree
  • Agree
  • Strongly
    Agree
40% complete

View previous question

Question 8

My current solution tells me who is sending email using my domains – including third-party senders and lookalike domains

  • I have no
    solution for this
  • Strongly
    Disagree
  • Disagree
  • Neither Agree
    or Disagree
  • Agree
  • Strongly
    Agree
47% complete

View previous question

Question 9

My current solution provides visibility into cloud activities and tells me if there’s any sign of account compromise

  • I have no
    solution for this
  • Strongly
    Disagree
  • Disagree
  • Neither Agree
    or Disagree
  • Agree
  • Strongly
    Agree
53% complete

View previous question

Question 10

My current solution allows me to quickly contain and remediate BEC/EAC threats through automated threat detection and response

  • I have no
    solution for this
  • Strongly
    Disagree
  • Disagree
  • Neither Agree
    or Disagree
  • Agree
  • Strongly
    Agree
60% complete

View previous question

Question 11

My current solution allows me to train end users to spot identity deception and phishing tactics, which could lead to BEC/EAC

  • I have no
    solution for this
  • Strongly
    Disagree
  • Disagree
  • Neither Agree
    or Disagree
  • Agree
  • Strongly
    Agree
67% complete

View previous question

Question 12

My current security awareness training lets me customize training based on the type of threats employees are targeted with.

  • I have no
    solution for this
  • Strongly
    Disagree
  • Disagree
  • Neither Agree
    or Disagree
  • Agree
  • Strongly
    Agree
73% complete

View previous question

Question 13

My current solution provides password training and educates users on why reusing passwords can lead to account compromise.

  • I have no
    solution for this
  • Strongly
    Disagree
  • Disagree
  • Neither Agree
    or Disagree
  • Agree
  • Strongly
    Agree
80% complete

View previous question

Question 14

My current solution protects the main attack vectors for BEC and EAC, including corporate email, personal webmail, cloud apps, and social media.

  • I have no
    solution for this
  • Strongly
    Disagree
  • Disagree
  • Neither Agree
    or Disagree
  • Agree
  • Strongly
    Agree
87% complete

View previous question

Question 15

My current solution allows me to consolidate multiple security products and vendors by providing an integrated, comprehensive BEC/EAC solution.

  • I have no
    solution for this
  • Strongly
    Disagree
  • Disagree
  • Neither Agree
    or Disagree
  • Agree
  • Strongly
    Agree
93% complete

View previous question

Assessment Complete

You are Protected

Fill out the form for a detailed analysis of your results and a downloadable report.

You’ll get a breakdown of your score and recommendations for improving your BEC/EAC preparedness. We'll follow up to learn more about your cybersecurity needs and whether our multilayered, integrated approach to these attacks is right for your organization.

You are Protected

Business email compromise (BEC) threats, in which attackers pretend to be you, and email account compromise threats (EAC), in which attackers become you, use social engineering and identity deception to trick or threaten victims into complying with a request. They don’t need malicious links or attachments; often they masquerade as a legitimate business. Read your score breakdown below for more information.

Business email compromise
How well are you protected against BEC attacks?

It’s never too late—or too early— to start developing a strong defense strategy for BEC/EAC attacks.

BEC/EAC Business email compromise (BEC) and email account compromise (EAC) have resulted in reported losses of more than $26 billion worldwide since 2016, and the financial losses associated with these scams continue to rise. These attacks target companies of all sizes and in all regions. If you have not addressed this matter yet, you need to prioritize it.

Addressing the common tactics used to commit business email compromise—such as domain spoofing, display name spoofing, and lookalike domains—is critical. Your email security solution must be able to accurately identify impostor emails that show up at your gateway and block them before they can reach your users.

Having a DMARC record and enforcing DMARC authentication on third- party domains are also key to preventing impostor threats and fraudulent use of your trusted domain. DMARC authentication adds another security layer to protect your internal users from impostor email and credential phishing. In addition, your email security solution should guide you on what DMARC policies to create and enforce without interrupting your core business communication.

You are on the right track to combating impostor threats.

A robust gateway can help you reduce cybersecurity “noise”— incidents you must investigate, verify and remediate. A gateway built for modern BEC/EAC threats accurately blocks imposter emails and credential phishing with dynamic detection for all users, which is more effective than those relying on manual or static rules for limited number of users. In addition, your email security solution must address common tactics used to commit business email compromise, such as domain spoofing, display-name spoofing and lookalike domains.

Having a DMARC record and enforcing DMARC authentication on third-party domains are also key to preventing impostor threats and fraudulent use of your trusted domain. DMARC authentication adds another security layer to protect your internal users from impostor and phishing email. It also protects your organization’s brand so that it doesn’t get used by attackers to steal money from customers or business partners. In addition, your email security solution should guide you on what DMARC policies to create and enforce without interrupting your core business communication.

You’re off to a good start. A robust email gateway that can dynamically detect impostor emails and identify phishing scams helps stop these threats before they can hurt your users. It doesn’t rely on manual or static rules, which can’t keep up with the latest change.

Enforcing DMARC is also key to prevent fraudulent use of your domains. DMARC authentication protects not just your internal users from impostor email, but also protects customers and business partners from fraudulent email that misuses your domain.

But BEC/EAC is a complex problem. Attackers often shift around different security measures. Make sure you’re thinking holistically and address all attackers’ tactics.

Email account compromise
How well are you protected against EAC attacks?

There’s still room for improvement. You’re exposed to two kinds of email fraud: business email compromise (BEC), in which attackers pretend to be you, and email account compromise (EAC), in which attackers essentially become you. BEC and EAC intertwine with each other. You may still be exposed to email fraud even if you’re protected against tactics that rely on identity deception. Once they compromise your account, they can easily start phishing and BEC attacks internally and with your supply chain.

Attackers can get into your environment in multiple ways. Therefore, you must protect all the main attack vectors for BEC and EAC—including cloud applications, users’ corporate email and their personal webmail. For your most attacked users, you should also deploy adaptive security and access controls. That may include additional security awareness training, isolating their web access so their credentials don’t get stolen in phishing attacks and restricting their access to unmanaged devices. That way, you can prevent account compromise before it happens.

Your security solution must also detect EAC and any suspicious cloud account activities such as failed logins and brute force attack. It must also prioritize critical incidents and automate threat response with contextual and actionable alerts.

You have some ability to defend against EAC. But that’s just one form of email fraud. In business email compromise (BEC) attacks, attackers pretend to be you. In email account compromise (EAC), attackers essentially become you. Because BEC and EAC intertwine with each other, it is important to address both in a holistic manner.

Attackers can get into your environment in multiple ways. And once they compromise your account, they can easily start phishing and BEC attacks internally and with your supply chain. Therefore, you need to protect all the main attack vectors for BEC and EAC, including cloud applications, users’ corporate email and their personal webmail. Your security solution must be able to detect EAC and any suspicious cloud account activities, such as failed logins and brute force attack. It must also prioritize critical incidents and automate threat response with contextual and actionable alerts.

For your most attacked users, you should implement adaptive security and access controls. That may include additional security awareness training, isolating their web access so their credentials don’t get stolen in phishing attacks, and restricting their access to unmanaged devices. That way, you can prevent account compromise before it happens.

You’re doing it right. Email fraud involves two main threats: business email compromise (BEC), in which attackers pretend to be you, and email account compromise (EAC), where attackers essentially become you. Because BEC and EAC intertwine with each other, it is important to address both in a holistic manner.

Attackers can get into your environment in multiple ways. And once they compromise your account, they can easily start phishing and BEC attacks internally and with your supply chain. Therefore, you must protect all the main attack vectors for BEC and EAC, including cloud applications, users’ corporate email and their personal webmail. Your security solution must be able to detect EAC and any suspicious cloud account activities such as failed logins and brute force attack. It must also prioritize critical incidents and automate threat response with contextual and actionable alerts.

training or isolating their web access, so their credentials don’t get phished, and restricting their access to unmanaged devices. That way, you can prevent account compromise before it happens.

Visibility
Do you have a full picture of your human attack surface?

You might be flying blind to your BEC/EAC risk. Because BEC/EAC attacks target people, visibility into your human attack surface is critical. Without visibility, it’s hard to provide answers to your board and management about:

  • What your organization’s BEC/EAC risk is
  • Which people are vulnerable
  • What you should do to mitigate the risk

Your email security solution must provide you with people-centric visibility that helps you identify your most attacked people, who’s being attacked with phishing and impostor emails, and who’s cloud email account has been compromised. In addition to knowing who’s being attacked with BEC and phishing, you also need visibility into who’s sending emails using your domain. That includes trusted third-party senders. That way, you can better understand and communicate BEC/EAC risks to your management and the board, while prioritizing mitigation.

Not bad. You've got some visibility into your BEC/EAC risk. But if you don't have visibility into your human attack surface, you're still exposed. Because BEC/EAC attacks target people, visibility into your human attack surface is critical. Attackers are shifting their aim away from infrastructure to people directly. Without people-centric visibility, it’s hard to provide answers to your board and management about:

  • What your organization’s BEC/EAC risk is
  • Which people are vulnerable
  • What you should do to mitigate the risk

Getting people-centric visibility helps you identify your most attacked people, who’s being attacked with phishing and impostor emails, and who’s cloud email account has been compromised. In addition to knowing who’s being attacked with BEC and phishing, you also need visibility into who’s sending emails using your domain. That includes trusted third-party senders. That way, you can better understand and communicate BEC/EAC risks to your management and the board, while prioritizing mitigation.

Well done. You've got visibility into your BEC/EAC risk. You know that BEC/EAC attacks target people and having visibility into your human attack surface is critical to successfully defending against these types of attacks. Attackers are shifting their aim from infrastructure to people directly. With people-centric visibility, you can provide answers to your board and management about:

  • What your organization’s BEC/EAC risk is
  • Which people are vulnerable
  • What you should do to mitigate the risk

People-centric visibility helps you identify your most attacked people, who’s being attacked with phishing and impostor emails, and who’s cloud email account has been compromised. In addition to knowing who’s being attacked with BEC and phishing, you also need visibility into who’s sending emails using your domain. That includes trusted third-party senders. With visibility into all these areas, you can better understand and communicate BEC/EAC risks to your management and the board, while prioritizing mitigation.

Remediation
Can you identify and respond to BEC/EAC threats quickly and efficiently?

You’re probably spending too much time cleaning up BEC/EAC threats across your organization. And the longer it takes for you to remediate BEC/EAC threats, the longer your organization is exposed.

To quickly contain the spread of BEC/EAC threats, your solution needs to automate the threat detection and response process. For example, it should allow you to quarantine potential impostor emails, reset user passwords, reauthenticate users, and suspend compromised accounts in an automated fashion. You should also be able to delete those phishing emails that contain URLs that are poisoned post-delivery with one click or automatically, even if it was forwarded or received by other end users. Automating these functions helps you accelerate threat response while doing less manual work.

Good for you. You have some capabilities in threat remediation. Cleaning up BEC/EAC threats across your organization could be time-consuming. The longer it takes for you to remediate BEC/EAC threats, the longer your organization is exposed.

To quickly contain the spread of BEC/EAC threats, your email security solution must automate the threat detection and response process. For example, it should allow you to quarantine potential impostor emails, reset user passwords, reauthenticate users, and suspend compromised accounts in an automated fashion. You should also be able to delete those phishing emails that contain URLs that are poisoned post-delivery with one click or automatically, even if it was forwarded or received by other end users. Automating these functions helps you accelerate threat response while doing less manual work.

Nice job. You are automating threat detection and response. It’s easy for you to clean up BEC/EAC threats across your organization. Your email security solution automates the threat detection and response process. It should also allow you to quarantine potential impostor emails, reset user passwords, reauthenticate users, and suspend compromised accounts, all in an automated fashion. You should also be able to delete those phishing emails that contain URLs that are poisoned post-delivery with one click or automatically, even if it was forwarded or received by other end users. Automating these functions helps you accelerate threat response while doing less manual work.

End User
Are your people equipped to recognize and report BEC/EAC attempts?

You’re missing a key component in your BEC/EAC defense strategy—end user training.

BEC and EAC have a lot in common. They both target people; they both rely on social engineering; and they both aim to solicit fraudulent payment. These threats rely on people to activate them. Therefore, mitigating BEC and EAC risks requires both technology and training. You need to educate your users to identify phishing and identity deception tactics, such as display-name spoofing and lookalike domains. You should also provide end-users with password training, so they know how to create a strong password and why they shouldn’t reuse or share passwords. Security awareness training plays a critical role in mitigating risks of email fraud because it helps your users to become part of your line of defense.

You should also customize security awareness training so that it maps back to your organization’s internal process. Make sure you have an abuse mailbox set up and instruct your users to send suspicious emails to it. You should also provide feedback to your users and let them know the analysis results of any email they report.

You have taken end-user training into account, which is a key component in mitigating BEC/EAC risks.

BEC and EAC have a lot in common. They both target people; they both rely on social engineering; and they both aim to solicit fraudulent payment. These threats rely on people to activate them. Therefore, mitigating BEC and EAC risks requires both technology and training. You need to educate your users to identify phishing and identity deception tactics, such as display-name spoofing and lookalike domains. You should also provide end-users with password training, so they know how to create a strong password and why they shouldn’t reuse or share passwords. Security awareness training plays a critical role in mitigating risks of email fraud because it helps your users to become part of your line of defense.

Your solution should allow you to customize security awareness training so that it maps back to your organization’s internal process. Make sure you have an abuse mailbox set up and instruct your users to send suspicious emails to it. Your solution should automatically analyze those emails and provide feedback to your users, letting them know the analysis results of the email they report.

You’re doing it right—you have taken end-user training into account. That is a key component in mitigating BEC/EAC risks.

BEC and EAC have a lot in common. They both target people; they both rely on social engineering; and they both aim to solicit fraudulent payment. These threats rely on people to activate them. Therefore, mitigating BEC and EAC risks requires both technology and training. You need to educate your users to identify phishing and identity deception tactics, such as display-name spoofing and lookalike domains. Security awareness training plays a critical role in mitigating risks of email fraud because it helps your users to become part of your line of defense.

Your solution should allow you to customize security awareness training so that it maps back to your organization’s internal process. Make sure you have an abuse mailbox set up and instruct your users to send suspicious emails to it. Your solution should also automatically analyze those emails and provide feedback to your users, letting them know the analysis results of the email they report.

Integration
Are your BEC/EAC capabilities part of an integrated cyber defense?

Growing overwhelmed by too many security products and vendors—and not having enough people to manage them—are two common challenges for any security team. An integrated, end-to-end solution that addresses all attackers’ tactics helps to not only better defend against BEC and EAC, but also allows you to consolidate multiple security products and vendors. That saves you time and cost in managing point products that don’t talk to each other. In addition, you need visibility across all your security control points. A solution with tight integration should help you automate threat detection, investigation, and response, and connect the dots across different control points, including email, cloud apps, and users.

You have some integration. But growing overwhelmed by too many security products and vendors—and lack of security professionals to manage them—are two common challenges for any security team. An integrated, end-to-end solution that addresses all attackers’ tactics helps to not only better defend against BEC and EAC, but also allows you to consolidate multiple security products and vendors. That saves you time and cost in managing point products that don’t talk to each other. In addition, you need visibility across all your security control points. A solution with tight integration should help you automate threat detection, investigation, and response, and connect the dots across different control points, including email, cloud apps, and users

Excellent. You have an integrated solution that allows you to consolidate multiple security products and vendors. Growing overwhelmed by too many security products and vendors—and lack of security professionals to manage them—are two common challenges for any security team. While your integrated solution saves you time and cost in managing point products that don’t talk to each other, it should also address all attackers’ tactics used to conduct BEC and EAC.

You should already be getting visibility across all your security control points and automating threat detection, investigation, and response. An integrated BEC/EAC solution can help you connect the dots across different control points, including email, cloud apps and users.

Defend against BEC/EAC attacks quickly and effectively with Proofpoint

Because BEC and EAC intertwine with each other, you need to address them both with a comprehensive solution that addresses all tactics, automates detection and remediation, and provides visibility into to your BEC/EAC risk. Proofpoint is the only vendor that provides an integrated, holistic solution to effectively stop BEC and EAC attacks. Our solution includes:

  • Visibility into which users are being attacked
  • Visibility into who's sending emails using your domain
  • Training that allows users to be more resilient to impersonation
  • Automated detection and remediation of attacks
  • An impostor classifier that prevents delivery of BEC attempts
  • Automatic remediation of compromised accounts through re-authentication and password results

Click here to re-take the assessment

Assessment Complete

You are Protected

Download a detailed analysis of your results below.

You'll get a breakdown of your score and recommendations for improving your BEC/EAC prepardness. We'll follow up to learn more about your cybersecurity needs and whether our multilayered. integrated approach to these attacks is right for your organization.

 

Interested in learning more about BEC and EAC?
Click below or download the Gartner BEC report.

Click here to re-take the assessment

BECとEAC攻撃を
効果的にブロックする方法

ゲートウェイ

  • なりすましドメインを利用した攻撃をブロックする
  • 外部メールにタグを付けて、メールの送信元を受信者に知らせる
  • メッセージヘッダーを分析して異常を特定する
  • 機械学習ですべてのメールコンテンツを分析する
  • 表示名のなりすましを識別してブロックする
  • メール認証ポリシーを実施する

認証

  • グローバル電子メール認証ポリシー(DMARC)を作成し、インターネット全体に適用する
  • 信頼できるドメインから不正なメールを送信しようとする試みをすべてブロックする
  • 類似ドメインの登録を報告する

クラウド アプリケーション

  • 不審なクラウドアカウントの活動を特定する
  • ブルートフォース攻撃を検出する
  • アラートに優先順位をつけるためのポリシーを構築する

Web アクセス

  • 未知のウェブサイトへのアクセスを隔離する
  • セキュリティ解析が完了するまで、読み取り専用のアクセスを提供する
  • 個人のウェブメールアカウントから組織に入るコンテンツを管理する

可視性

  • 組織内の攻撃されやすい人物(VAP)を特定する
  • サプライチェーン全体の認証ステータスを開示する
  • アカウント攻撃に対するユーザー中心の可視性を提供

自動対処

  • 組織内に侵入した不審なメールを特定し削除する
  • 侵害された社内アカウントから不要なメールを削除する
  • パスワードを強制的にリセットし、危険にさらされたアカウントを無効にする
  • アカウント認証ソリューションを使用してセッションを再認証する
  • アカウント侵害事件をする

教育

  • ビジネスメール詐欺(BEC)およびメールアカウント侵害(EAC)の脅威に対するユーザーの脆弱性を評価する
  • 脅威と認証情報の盗難を特定する方法についてユーザーを訓練する
  • Abuseメールボックス処理を自動化する

Demo

ビジネスメール詐欺からの保護

プルーフポイントの電子メール解析は、機械学習技術と電子メール認証を使用し、ビジネスメール詐欺を正確に特定し、ブロックします。

Watch the Demo

Ready to give Proofpoint a try?

Let us walk you through our BEC and EAC solutions and answer any questions you have about email security.