In one of the recent updates for the cases of display name spoofing and lookalike domain policy, Logix cloud email security ATP has rolled out new features which could scan and detect more advance level of issues.
Fraudsters are evolving and finding out new techniques to exploit digital vulnerabilities, one of such issue reported is – Prefix and Suffix Issue for Display Name spoofing.
Currently, the action on the issue of the ‘Exact Display Name match’ is that the emails are quarantined. To take it to another level, fraudsters now trick the victims by altering display name spoofing either by adding a Prefix – Mr./Mrs./Dr. or by adding a letter or a number in suffix. It is also noticed they create a space between the recipient’s name and surname.
A spoofed Display Name can be detected by any Email Threat scanner but a display name with a new form of techniques like an added prefix, suffix or with certain spacing between the names can only be detected with Logix Cloud Email Advanced Threat Protection (ATP).
Action Taken: Such mails are caught while scanning and are sent to the recipient with the subject: “Possible Name Forged” or “Forged Email Detection”
Similarly, the cases of cousin domain or look-alike domain spoofing instance are currently on a rampage. In one of the other enhancements, the cases of Lookalike domain spoofing are detected and brought to the notice, the action taken on the cases of Exact domain match is that the emails are quarantined.
For any possible threat of Lookalike match, a mail is sent to the recipient with alter subject ‘Possible Domain Forged’
Cousin domains typically are used as a phishing tool to spoof your brand’s domain name. Our team at Logix has also added Cousin Domain Spoofing as an additional security feature to identify spoofing instances where the domain name can be easily misspelled to make it look like the authorized/original domain.
If both the cases of Forged Email Detection & Lookalike domain issue are reported then a mail is sent to the recipient with the altered subject “Forged Email”.
There is also a provision to create an exception for a certain set of Email addresses in both the above cases and such emails are directly sent to the recipient inbox. For instance – email@example.com & firstname.lastname@example.org are exempted from the filter for the cases of Display name spoofing.
To know more about Logix Email Security services writes to us at email@example.com | firstname.lastname@example.org