Advanced Protection Against
Business Email Compromise (BEC)

Organizations around the world now face unprecedented challenges preventing, detecting and responding to modern and more sophisticated phishing attacks, such as business email compromise (BEC) and sender impersonation. Recommended BEC protection, such as DMARC, is not well adopted since it is very hard to implement and is only effective at email spoofing protection when dealing with a small subset of phishing threats.


Key Business

email spoofing and impersonation emails, such as display name and domain look-alikes in real-time.
risk of financial loss from business email compromise (BEC) attacks.
busy and unsuspecting employees at recognizing and reporting phishing attempts through InMail banner alerts.

DMARC is not Enough!
The Need for Advanced Email Authentication

The email protocol was not designed with security in mind, and there is no authentication mechanism in place whatsoever.
However pseudo-authentication is now possible using ‘sender fingerprinting', an advanced machine learning based technology that can identify the true identity of a sender. This technology was designed and built to answer a simple, yet very complicated question:

Who is sending me what?

The “Who” equates to the real identity of the sender
The “What” stands for the content and the context of this communication

How Does IronSights Compliment DMARC
and Protect Against BEC?

IronSights is an Advanced Mailbox-level Anomaly Detection module that protects company's employees from business email compromise (BEC), email spoofing and impersonations attempts by dynamically learning their mailbox and communication habits.

IronSights fingerprinting technology takes into account factors like implementation level (no/full/partial) of DMARC/SPF/DKIM, sending IPs, normal communication context and other meta data in order to create a unique fingerprint for each sender, any deviation from the norm will be detected immediately and flagged inside the mailbox through InMail banner alerts.

Using machine learning algorithms, IronSights also continuously studies every employee's inbox to detect anomalies based on both email data and metadata extracted from previously trusted communications that can then automatically flag suspicious emails to help people make smarter and quicker decisions regarding suspicious emails within the mailbox.

Ironschool on displays
Why IronSights
Identify and prevent against BEC attempts and email phishing messages with or without active payloads
Harden existing email spoofing protection and impersonation detection that DMARC and secure email gateways cannot provide
Improve trust and authentication of email communications
Sender fingerprinting
Inbox behavioral analysis
Advanced mapping of trusted external and internal senders
InMail banner alerts to flag anomalies in the mailbox
IronSights is available as a quick and easy two-click deployment for Office365 and G Suite in the cloud, on premise, or hybrid, with no MX records changes required.
Other Products
Business Email Security
Phishing Incident Response
Phishing Intelligence
Social Engineering
Free Trial