Email security

Business email compromise (BEC)

Business email compromise is a targeted social engineering attack that uses email impersonation and trust exploitation to divert payments, steal sensitive data, or manipulate business processes.

Email authentication

Email authentication combines SPF, DKIM, and DMARC into a layered defense that verifies sender identity and prevents domain spoofing, with BIMI emerging as a visual trust indicator built on top.

What is adversary-in-the-middle (AiTM) phishing?

AiTM phishing uses reverse-proxy tools to relay credentials and capture session tokens in real time, allowing attackers to bypass multi-factor authentication and hijack authenticated sessions.

What is DKIM?

DKIM uses cryptographic signatures to verify that an email's headers and body haven't been tampered with in transit, tying the message to a specific sending domain through DNS-published public keys.

What is DMARC?

DMARC ties SPF and DKIM together through domain alignment and adds a policy layer that tells receivers how to handle authentication failures, along with a reporting mechanism for visibility into email abuse.

What is OAuth phishing?

OAuth phishing tricks users into granting malicious applications persistent access to their email and files through legitimate-looking consent screens, bypassing traditional credential theft entirely.

What is phishing?

Phishing is the use of deceptive messages, primarily email, to steal credentials, deliver malware, or manipulate victims into actions that benefit the attacker. This guide covers phishing types, post-compromise escalation, common lures, detection signals, and the role of domain infrastructure in phishing campaigns.

What is SPF?

SPF is a DNS-based email authentication protocol that lets domain owners declare which mail servers are authorized to send on their behalf, helping receivers detect forged envelope senders.