Skip to the main content.
Talk to sales Start for free
Talk to sales Start for free

2 min read

Display name spoofing: A root cause of many cyberattacks

Display name spoofing: A root cause of many cyberattacks

Popular culture or our own preferences often skew our perspective on the source of cyberattacks in healthcare. For example, we often assume they result from highly technical approaches rather than simple attack vectors like display name spoofing.

It’s often more convenient to think that all cyberattacks start with a skilled hacker. For example, an eavesdropping attack or an SQL injection attack can require some development chops. A defensive strategy for these types of attacks relies more on technology and security policies than user education and training. In other words, they’re easier to control.


Healthcare and socially engineered cyberattacks


In reality, however, most healthcare cyberattacks rely on social engineering. With that approach, an attacker tricks employees or partners into taking an action that leads to a breach. In fact, according to Deloitte, “91% of all cyberattacks begin with a phishing email to an unexpected victim.”

SEE MORE: What is an email phishing attack?


Display name spoofing attacks


Display name spoofing is one of the most common types of phishing attacks. With this tactic, an attacker alters the display name on an email header to look like it’s coming from a trusted source. These attacks can be especially dangerous when an employee reads the email with a mobile device. On a smartphone, for example, the actual sending email address is often hidden, leaving only the display name to identify the sender.

According to Cybernews, most spoofing attacks try to “invoke a sense of urgency or fear in victims. This tricks users into clicking on malicious links, sending money to scammers or opening attachments with scripts.” When supposedly coming from a company executive, spoofed emails often just ask for a timely reply, which in turn leads to more damaging instructions.


Paubox ExecProtect: Eliminate display name spoofing


Paubox is helping healthcare companies eliminate display name spoofing attacks through a patented technology called ExecProtect. This innovative tool is available as part of the Plus and Premium editions of Paubox Email Suite. Here’s how it works:

  1. A bad actor sends an email impersonating the CEO or another company executive.
  2. Paubox ExecProtect checks if the email is an approved email address for the CEO.
  3. If it is not, the email is quarantined, and the admin is notified.

Straightforward and effective. Here’s how the IT Director at Jellyvision, a healthcare benefits technology company, puts it: “ExecProtect is beautiful – since we started using it, we haven’t had a spoofed executive email come through.”


ExecProtect provides ease of email security


Leveraging ExecProtect offers a number of compelling benefits to healthcare providers and other covered entities. With it, those organizations are able to:

  • Eliminate display name spoofing attacks, which today cost providers an average of $3.2 million in hard costs and lost productivity per breach.
  • Require zero training for internal teams because attacks are stopped before employees see them.
  • Easily set it up with an existing email platform.


SEE MORE: Paubox Email Suite inbound security


Subscribe to Paubox Weekly

Every Friday we'll bring you the most important news from Paubox. Our aim is to make you smarter, faster.