Email Fraud Defense

Streamline your DMARC deployment

Dedicated consultants guide you through each step of your rollout. We start with a customizable project plan with guided workflows. Our consultants help:

• Identify all your legitimate senders and ensure they authenticate properly
• Recommend and prioritize tasks based on your needs
• Publish DMARC reject policy that doesn’t block valid email

Fully protect your organizations’ reputation

Common business email compromise (BEC) attack tactics include:

• Domain spoofing: "Company <person@company.com"
• Lookalike domain spoofing: "Company <person@c0rnpany.com"

We help you prevent fraudsters from sending emails that use your trusted domains—and domains designed to mimic them. Our solution helps you:

• Get 360-degree visibility across your ecosystem, including emails destined for business gateways and your own gateway
• Dynamically identify lookalikes of your domains registered by people outside of your organization
• See which of your domains attackers have attempted to hijack
• Proactively address malicious lookalikes of your domain with our Virtual Takedown Service

Get visibility into supplier risks

With our solution, you can go beyond DMARC and get visibility into your supplier risk with Supplier Risk Explorer.  We help you:

• Automatically identify your suppliers
• See message volume and the email delivered from malicious lookalikes of your suppliers’ domain
• Assesse and prioritize the risk suppliers pose to your organization, including impostor threats, phishing, malware and spam

Hosted authentication services

Streamlined management of your SPF records, DKIM keys and DMARC policies with Hosted Authentication Services.

Hosted SPF

• Helps you overcome the traditional DNS lookup limit of 10
• Reduces overhead of updating SPF record
• Updates records in real-time
• Improves SPF security

Host DKIM

• Simplifies configuration and management of DKIM selectors and keys
• Provides flexible DKIM selector hosting options (Delegated or Non-Delegated)
• Supports DNSSEC
• Creates geographically distributed and fault tolerant services
• Allows simple import of DKIM selectors and public keys

Host DMARC

• Simplifies administrative tasks associated with managing complex DMARC records
• Ensures compliance requirements are met and provides high reliability by using four geographically distributed (regional) data centers
• Reduces wait times by providing near-instant DNS updates

Comprehensive domain discovery

If a lookalike domain attempts to impersonate your brand, we’ll find it. We use a highly scalable domain monitoring and detection system to continuously analyze more than 650 million domains across WHOIS data sources. With high-quality intelligence and wide coverage, you get accurate details of any domains that pose a security, trademark or other risk to your company and customers.

Integrate with email gateway

We are the only security vendor that provides a true integration between email authentication and our industry-leading secure email gateway. This integration helps you:

• Mitigate risks of impostor threats by enforcing DMARC on inbound traffic
• Verify DMARC reputation of a specific domain, reducing the risk of blocking legitimate email
• Create override policies for valid email without compromising your security posture

Secure Email Relay

Proofpoint Secure Email Relay is a related solution that secures your application email and accelerates your DMARC implementation. This hosted solution helps you:

• Secure application email from internal applications and third-party SaaS providers, such as ServiceNow, Salesforce, and Workday, that send on your behalf
• Includes anti-virus/anti-spam scanning as well as DKIM signing of relayed messages to better support DMARC compliance
• Secure your trusted domain from being abused by vulnerable email service providers
• Protect sensitive data in application email with payload encryption and DLP
• Increase your deliverability performance