Email Compromise Protection

Protect your business – as well as others' – against email fraud
Frequently asked questions


What is email fraud?

Email is a company’s most common mean of communication. It has therefore been an enabler of fraudulent behaviour since its very conception. Email fraud is any kind of fraud where someone falsifies an email address with intent to claim to be someone else in order to get his or her hands on money, sensitive information and/or spread malicious code.

How does email fraud work?

Previously, email frauds has primarily been about registering a confusingly similar domain name in order to fool a company’s clients and/or employees. This is called “typosquatting” when using typos in the domain name, and “cybersquatting” when registering a company name/brand on another top-level domain, such as .co instead of .com.

Lately however, so called ”spoofing” has emerged as a big problem. Spoofing means sending an email to a receiver that looks exactly like it is coming from the person whom one wishes to impersonate. The classic example is a CFO receiving an email from the CEO of the company, asking him or her to transfer money to an offshore account. Hence the term “CEO-fraud”.

The emails are often quite sophisticated and the result of a longer period of analysing the company internal structure, roles and even email signatures. This is called “spear-phising”, in contrast with the commonly used method of “phishing” which means sending a large number of general emails to a much larger group of receivers.

How do you protect yourself against email fraud?

The first misconception we need to address is that spoofing is a ”receiving” problem that can be fixed with spam filters or anti-virus programs. However, spoofing is a sending problem enabled by the lack of mechanisms for authentication in the standard email protocols. The first step in order to protect oneself against email fraud is realising the difference between a receiving and a sending problem.

The other misconception that needs to be addressed is that email frauds can be counteracted by organisational measures alone. Creating awareness within the organisation is important. However, email frauds are not just directed internally, but also against other companies such as clients and/or providers. Just creating awareness about email fraud within the organisation is therefore not enough from a bigger perspective.

Every organisation therefore has a responsibility to protect both themselves, and others, against fraudulent behaviour.

The second step is thus to secure one’s IT environment and close the security holes that the vast majority of companies still have regarding their outgoing email traffic.

"After a period of having seen the extreme rise in the occurrence of false emails, we turned to Ports Group, our partner for protecting our online brand identity since many years. Ports presented their service Email Compromise Protection for us, which seemed promising. After a bit of tweaking and thorough analysis work with Ports, the problem is now basically eliminated and we feel safer in regards to the users’ email management."

Jacob Malmros

IT Manager at Oatly

Our process for protecting you against email fraud

1. Secure management

1. Secure management

The foundation is laid by a management of one’s domain name portfolio that is secure and according to policy. This is to eliminate the risk of a domain name expiring and/or coming under the control of someone else with malicious intent. Further actions include encrypting the information on one´s website (SSL-certificates) and securing the traffic on one´s domain name against falsified information (DNSSEC) – hygiene factors for companies that value their digital security.

2. Analysis, security measures and ongoing reports

2. Analysis, security measures and ongoing reports

Among the biggest security flaws with the entire email systems is that it is built upon a protocol (SMTP) which lacks mechanisms for authentication, without which identity thefts cannot be prevented. We help you implement security functions that complements each other and together create a comprehensive identity protection. This enables total overview of the flow of emails and identifies potential misconfigurations and/or attempts to commit fraud so they can be stopped even before they reach their intended receiver. The needs always differ from client to client. We always start by conducting an analysis of the current state of your flow of emails, which in turn results in a tailored report complete with an action plan based on your unique situation. We then carry out ongoing actions and reports, and touch base at least once a month.

3. Domain name Watch and take-downs

3. Domain name Watch and take-downs

Carrying out security measures in the email system provides protection against someone sending emails using your primary domain name as sender. However, it does not stop anyone from registering a confusingly similar domain name and using that against your employees and/or other companies. Therefore we complement the safe management and security measures with a Domain name Watch service to be able to identify potential threats and take legal actions such as cease-and-desist letters and potential disputes.

Want to know more about Email Compromise Protection?

  • This field is for validation purposes and should be left unchanged.

When you contact Ports Group your personal data will be processed in accordance with our Privacy Policy.