Malicious senders have done their homework. They know who the people in authority are within an organization. They often aim to target staff in that organization using the names of senior executives or other key personnel who are known to them.
These attacks rely solely on the name of the person being impersonated and thus usually escape rules designed to capture domain or email address spoofing. The attacks work by fooling the recipient into believing they have received an internal email from a senior colleague and causing them to take unauthorized actions (such as bank transfers, changes of contact information etc…) based on their instructions.
VIP Impersonation Protection detects these social engineering-based email attacks and stamps an email if triggered. Detecting and stopping these types of attacks necessitates a thorough examination of an email’s content while maintaining delivery speed.