Proofpoint enhances email security with pre-delivery social engineering and link protection
Proofpoint has unveiled two innovations that redefine email security with the most comprehensive and effective end-to-end email protection across the entire email delivery chain. Uniquely combining new pre-delivery, click-time, and post-delivery detections, Proofpoint’s enhanced core email security packages now include:
- pre-delivery defense against both social engineering threats and malicious links and;
- New adaptive email security capabilities, offering a fully integrated layer of behavioral AI-based defense post-delivery to stop targeted threats such as lateral internal phishing and advanced email fraud for the most at-risk employees—all while offering seamless API integration with Microsoft 365
Since 2016, the two most indispensable techniques used by threat actors have been text-based social engineering and URLs. Losses due to Business Email Compromise (BEC) have hit a record high of $2.9 billion according to the FBI 2023 Internet Crime Report, and it now tops the list of most significant cyber threats for CISOs. Every month, Proofpoint blocks over 66 million attempted BEC attacks targeting its customers. As attackers have also become more reliant on URLs, threat volume has surged; Proofpoint detects over 4.5 million unique malicious URLs daily, an increase of 119% in the last three years.
With both threats, speed kills; Proofpoint’s data set, spanning trillions of daily messages, shows that one in seven clicks on malicious URLs occurred within 60 seconds of the message hitting the inbox, underscoring the criticality of both pre- and post-delivery protection capabilities.
“The fragmentation across email security solutions allows threat actors to win, again and again. Organizations need a simple, unified and effective way to catch every threat, every time, every way a user may encounter it, using every form of detection,” said Darren Lee, Executive VP and GM, People Protection Group, Proofpoint. “Combined with our detection ensemble and email threat intelligence dataset—the largest and most advanced of its kind—our ability to offer end-to-end pre-delivery and adaptive email security sets a new bar for the industry.”
Proofpoint’s new semantic, AI-based detection innovations provide comprehensive protection before they can reach Microsoft 365 and Google Workplace inboxes and do harm. Leveraging NexusAI, Proofpoint’s proprietary AI engine built on trillions of data points, pre-delivery LLM-based detection enables organizations to stop payloadless social engineering threats such as advanced email fraud and malicious links.
Now part of Proofpoint’s detection ensemble across all its email security products, pre-delivery semantic analysis interprets a threat actor’s message intent regardless of word variation or language used. This optimizes Proofpoint’s NexusAI-based detection models by 10X, with close to nil additional processing time. Paired with Proofpoint’s recent release of the industry’s first pre-delivery suspicious URL hold and sandboxing capability, these enhancements create the most formidable set of defense-in-depth measures available for organizations to prevent attacks from reaching their targets.
Proofpoint Adaptive Email Security is an Integrated Cloud Email Security (ICES) solution that delivers an additional layer of behavioral AI-based detection of advanced threats, including BEC, social engineering, and lateral phishing messages, offering seamless API integration with Microsoft 365. Adaptive Email Security can be applied to the riskiest users identified by Proofpoint’s Targeted Attack Protection, or other potential high value targets, as informed by Proofpoint’s unique human risk scoring.
Once deployed, Adaptive Email Security enriches all detections with easy-to-understand explanations about behavioral anomalies observed. It automatically quarantines high confidence threats, while delivering real-time coaching using contextual warning banners to alert users to the risks in social engineering and BEC-type emails that don’t contain an obvious malicious payload.
Adaptive Email Security is available on a rolling basis for select customers as part of Proofpoint’s standard email security packages for an organization’s most at-risk employees.