ExecProtect: A solution for display name spoofing

Featured image

Share this article

ExecProtect: A Solution for Display Name Spoofing - Paubo

This month we steadily added customers to a new solution we’ve built to combat Display Name Spoofing. We’re calling it ExecProtect.

This post is about why we built ExecProtect, how it works, and how it provides value to your organization.

Display Name Spoofing Attacks

Data breaches via phishing attacks sit top of mind for C-Level executives and IT Directors across the globe.

Display Name Spoofing is the phishing attack method that’s causing havoc across the internet now.

As we outlined in a previous post, Display Name Spoofing attacks appear to come from a person of authority within a company.

When this is coupled with:

  • The fact that at least 70% of all email is now read from a smartphone.
  • By default, email apps on a smartphone only show the Display Name of the sender. If you want to see the actual email address, further action (i.e. friction) is required.

The net effect is that if you see an email from your boss on your phone, you’ll probably open it immediately, not bothering to think about the actual email address it came from.

Display Name Spoofing attacks are leveling up in sophistication too.

Long gone are the days of typos, deposed Nigerian princes, and run-on sentences.

Examples of advanced sophistication include:

  • No attachments to scan
  • No links to inspect
  • The sending IP address is not listed on any RBL (Real-time Blackhole List)
  • Many Display Name Spoofing attacks are sent from valid Gmail, AOL, and Yahoo accounts
  • The Display Name of the sender is from a C-level executive (CEO, CFO, COO, etc).
  • The email is short, to the point, and introduces urgency
  • They often insert phrases like “Sent from my iPad” at the bottom. This is done to give the appearance it was authentically composed at a moment’s notice

In a nutshell, Display Name Spoofing attacks are working. Up until now, the good guys have been losing the battle.

This is why we built ExecProtect.

ExecProtect: How it Works

ExecProtect, which is a concatenated version of Executive Protection, is a new feature we added to Paubox Email Suite Plus.

Here’s how it works:

Step 1. We work with our customers to get a list of the C-level executives being impersonated within their organization. This would include their names and email addresses they use to communicate with staff.

Step 2. We add those entries into our ExecProtect database.

Step 3. If an email comes in that matches a name on the ExecProtect list and does not match an email tied to it, the email is immediately quarantined. This approach prevents the malicious email from reaching the end user’s inbox.

Step 4. We send an email notification to the customer admin(s) notifying them we’ve stopped a Display Name phishing attack.

It’s simple, effective, and it works.

ExecProtect: How it Provides Value

Our customers have shared valuable stories with us on how ExecProtect is providing value to their organizations.

For example, a few weeks ago we stopped 50 Display Name Spoof attacks from reaching a customer in a single day. Today we stopped a dozen more from reaching their inboxes.

Within the past few months alone, C-level executives and IT Directors have told us:

“We have a huge threat of people impersonating our executives and trying to commit fraud against our organization.”

“At the end of the day, our top risk is being phished. That’s gonna lead to a breach.”

“Our organization is hyper-sensitive about being on the front page of WSJ for a data privacy breach.”

ExecProtect helps prevent all of these scenarios.

ExecProtect & HITRUST

ExecProtect is a new component of Paubox Email Suite Plus.

Try Paubox Email Suite Plus for FREE today.
Author Photo

About the author

Hoala Greevy

Founder of Paubox. Kayak fishing when I can. Native Hawaiian CEO.

Read more by Hoala Greevy

Get started with
end-to-end protection

Bolster your organization’s security with healthcare’s most trusted HIPAA compliant email solution

The #1-rated email encryption 
and security software on G2

G2 Badge: Email Encryption Leader Fall 2022
G2 Badge: Security Best Usability Fall 2022
G2 Badge: Encryption Momentum Leader Fall 2022
G2 Badge: Security Best Relationship Fall 2022
G2 Badge: Security Users Most Likely to Recommend Fall 2022
G2 Badge: Email Gateway Best Relationship Fall 2022
G2 Badge: Email Gateway Best Meets Requirements Fall 2022
G2 Badge - Users Most Likely to Recommend Summer 2022
G2 Badge: Email Gateway Best Results Fall 2022
G2 Badge: Email Gateway Best Usability Fall 2022
G2 Badge: Email Gateway Best Support Fall 2022
G2 Badge: Email Gateway Easiest To Use Fall 2022
G2 Badge: Email Gateway Easiest Setup Fall 2022
G2 Badge: Email Gateway Easiest Admin Fall 2022
G2 Badge: Email Gateway Easiest to do Business with Fall 2022
G2 Badge: Email Gateway Highest User Adoption 2022
G2 Badge: Email Gateway High Performer Fall 2022
G2 Badge: Email Gateway Momentum Leader Fall 2022
G2 Badge: Email Gateway Most Implementable Fall 2022
G2 Badge: Email Gateway Users Most Likely to Recommend Fall 2022