Misdirected Emails Categories
| Category and Name | Description | Enabled by Default? |
|---|---|---|
|
Misdirected Recipients |
||
|
Incorrect Recipient Address |
Notifies users when emailing an external contact for the first time. |
Yes |
|
Lookalike Domain |
Warns users when the recipient's domain closely resembles a trusted domain. |
Yes |
|
External Contact |
Alerts users when an email address may contain typographical errors. |
No |
|
Incoming Email from External Sender |
Displays alerts for incoming emails (label/description placeholder shown) from external senders. |
No |
|
Fundamentals |
||
|
Sender Domain Created Recently |
Detects emails whose sender domain was created recently. |
No |
|
Reply-to Domain Recently Created |
Detects incoming emails with a reply-to domain that was created recently and differs from the sender domain. |
No |
|
Sender Name Differs from Address |
Detects emails where the display name significantly differs from the actual email address. |
No |
|
Sender SPF Failed |
Detects emails that fail Sender Policy Framework (SPF) authentication. |
No |
|
Impersonation |
||
|
Sender Resembles Internal Employee |
Detects emails from a first-time sender whose display name matches an employee within the organization. |
No |
|
First-time Sender |
Detects emails from senders with whom the recipient has never communicated. |
No |
| Business Email Compromise | ||
| Payroll Information Update Request |
Detects emails requesting payroll information updates from external senders. |
No |
|
Invoice from a New Vendor |
Detects invoices received from vendors with no prior communication history. |
No |
|
Sender Resembles Contact |
Detects email senders that closely resemble, but are not identical to, known contacts. |
No |
|
Request to Update Payment Details |
Detects vendor requests to change payment details. |
No |
|
Financial Transaction Requests |
||
|
Emails with Invoices / POs |
Detects emails that contain payment requests such as invoices or purchase orders. |
No |
| Payment Request via Payment Service | Detects payment requests via third-party services (for example, PayPal or Venmo). | No |
|
Avoiding Inspection |
||
|
Emails with Links to Restricted Resources |
Detects emails that contain links to restricted-access resources. |
No |
|
Emails Appearing to Be from an E-Sign Service |
Detects emails that contain potentially malicious e-signature links. |
No |