Not all email-borne attacks use malicious URLs or attachments. Business email compromise or impersonation attacks often use social engineering and are designed to trick key users such as finance staff, executive assistants, and HR into making wire transfers or providing other monetisable information to cybercriminals.

They do this by pretending to be the CEO, CFO, or other important people in the organization and can even impersonate your trusted partners or other well-known internet brands. Some also target departments responsible for sensitive employee data, such as payroll, which can be used for identity theft. Detecting and blocking these types of attacks requires deep inspection of the content of an email without impacting delivery speed.

What is Mimecast Impersonation Protect?

Mimecast Targeted Threat Protection with Impersonation Protect is an advanced email security feature that provides instant and comprehensive protection from the latest malware-less, social engineering-based email attacks, often called CEO fraud, impersonation, whaling or business email compromise. Impersonation Protect identifies combinations of key indicators in an email to determine if the content is suspicious, even in the absence of a malicious URL or attachment.


How does Mimecast Impersonation Protect work?

As email passes through the Mimecast Secure Email Gateway, Impersonation Protect examines several key aspects of the message.

Impersonation Protect examines the email’s display name, domain name, recency of email from that domain, reply-to information, and the body of the message to determine if the email could be an impersonation attack.

If the email fails a combination of these tests, administrators can configure Impersonation Protect to discard the message, quarantine it, or warn the receiver that the email is suspicious.
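An added sketch of the combination-of-indicators idea described above; it is not Mimecast's code or algorithm. The names, domains, term list, similarity cut-off and threshold are all assumptions, and "recency" is approximated here by a set of recently seen sender domains.

```python
import email
from difflib import SequenceMatcher
from email.utils import parseaddr

# All values below are constructed for illustration (assumptions, not product settings).
INTERNAL_DOMAIN = "example.com"
PROTECTED_NAMES = {"jane doe"}                        # people likely to be impersonated
RECENT_DOMAINS = {"example.com", "partner.example"}   # domains that mailed us recently
SUSPICIOUS_TERMS = ("wire transfer", "urgent", "w-2", "payroll")
THRESHOLD = 3                                         # indicator hits needed to act

def is_lookalike(domain, target=INTERNAL_DOMAIN):
    """Close to the protected domain but not identical (typo-squatting)."""
    return domain != target and SequenceMatcher(None, domain, target).ratio() >= 0.8

def indicators(raw):
    """Return the names of the tests a raw RFC 5322 message fails."""
    msg = email.message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    reply_domain = reply_to.rpartition("@")[2].lower()
    body = msg.get_payload().lower()                  # single-part text assumed
    hits = []
    if name.lower() in PROTECTED_NAMES and domain != INTERNAL_DOMAIN:
        hits.append("display_name")
    if is_lookalike(domain):
        hits.append("similar_domain")
    if domain not in RECENT_DOMAINS:
        hits.append("new_domain")
    if reply_to and reply_domain != domain:
        hits.append("reply_to_mismatch")
    if any(term in body for term in SUSPICIOUS_TERMS):
        hits.append("body_terms")
    return hits

def verdict(raw):
    """No single test decides; only a combination triggers the configured action."""
    return "quarantine" if len(indicators(raw)) >= THRESHOLD else "deliver"

# Constructed sample messages.
SUSPECT = ("From: Jane Doe <jane.doe@examp1e.com>\nReply-To: jd@mailbox.test\n"
           "To: finance@example.com\nSubject: Request\n\n"
           "Please process an urgent wire transfer today.\n")
PARTNER = ("From: Bob <bob@partner.example>\nTo: hr@example.com\n"
           "Subject: Report\n\nThe payroll report is ready.\n")

if __name__ == "__main__":
    for sample in (SUSPECT, PARTNER):
        print(verdict(sample), indicators(sample))
```

The partner message trips the body-term test alone and is still delivered, which is why a threshold over several indicators produces fewer false positives than keyword matching by itself.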


  • Real-time protection against malware-less social engineering attacks like whaling, CEO fraud, business email compromise, impersonation or W-2 fraud.

  • Protects against newly observed and newly registered domains used as part of the attack.

  • Scans for impersonation of popular internet brand domains, while administrators maintain their own list of domains of organizations they work with, which is monitored for typo-squatting abuse.

  • Includes a Targeted Threat Dictionary managed by Mimecast to which custom terms can be added by the customers’ administrators.

  • Ensures end users are protected by visibly marking suspicious emails.

  • Backed by comprehensive protection from Mimecast’s threat intelligence infrastructure and the Mimecast Security Operations Center.

  • Complete administrative control over handling of emails: quarantine, block or mark emails depending on your organization’s preferences.

  • Works alongside URL Protect, Attachment Protect, and Internal Email Protect to provide comprehensive protection against the latest attack methods.

