DISPLAY NAME SPOOFING
The email scam that exploits users on mobile devices
WHAT IS DISPLAY NAME SPOOFING?
Display name spoofing is when a hacker creates an email account using a first and last name (display name) that will appear familiar to the recipient. Email attacks like CEO Fraud, Spear-Phishing and Whaling utilize this tactic and it is especially effective when email is viewed on mobile devices.
1/3 of all Cybercrime Losses
More than a third of all cybercrime losses can be attributed CEO Fraud/BEC. $2.4B lost by US businesses in 2021.
17,607 Attempts in 2020
In 2020 there was a total of 17,607 seen attempts at implementing a CEO Fraud scam, up from 13,055 at the end of 2020.
(source: Statista)
Losses Exceed $26 Billion
Business email compromise (BEC) and email account compromise (EAC) losses have surpassed $43 billion globally.
(source: FBI)
HOW MOBILE DEVICES ENABLE
DISPLAY NAME SPOOFING
The screen size on a mobile device is smaller than on a laptop or desktop. As a result, the amount of information that can be displayed is far less - and mail clients on mobile devices are adapted for this. Most, if not all, mail clients on mobile devices don’t display the sender’s email address, and instead show only the display name. This is a major advantage to attackers.
Email Address Not Shown
The same email when viewed on a desktop shows the full email address (hacker@gmail.com) whereas when view on a mobile device, it only shows the display name (Mark Adams) whom is being impersonated.
No Links Or Attachments
The absence of links or attachments, renders AV engines and sandboxes obsolete. To the recipient, this email may look indistinguishable from a genuine one.
Social Engineering
Posing as the CFO, the attacker is using language to that creates a sense of urgency and exerts significant pressure on the recipient to comply.
HOW DOES MESH PROTECT
AGAINST DISPLAY NAME SPOOFING?
Mesh applies over 250 unique filters to every single email it processes, protecting against the full spectrum of email attacks. Combining machine learning, predictive threat intelligence and advanced content analysis, Mesh identifies indicators of compromise, fraud, impersonation, phishing, malicious content, spam, and unsolicited marketing emails, keeping organizations and their people safe.
Impersonation Detection
Mesh analyzes email content, language, tone and cadence, combined with checks against the sending domain, display name, and username, for matches and/or similarities with the recipient organization.
Contextual Banners
Informed employees are safer employees. Banners can be applied to emails warning of danger or advising caution, empowering employees to safely navigate their inbox. Banners are customizable.
Predictive Threat Intelligence
Knowing what regular email traffic looks like makes it easier to recognize anomalistic email. Mesh utilizes a combination of Passive DNS Sensors, Deep-Relationship Analysis, Neural Networks and other information sources to detect abnormalities.
Its ability to detect emails specifically targeting high-risk individuals is incredibly reassuring
Mesh has significantly reduced the amount of email-related tickets we receive. The ability to manage everything centrally from partner level makes our job so much easier - we can make changes for all clients in one go. Onboarding was quick and painless, both our engineers and end-users took to it straight away.”
Jason Gilmer
Network Admin at Reading Bakery Systems
Ready to get started?
Make your customers safer and
your MSP more efficient.
MSP Success Stories
Discover how your MSP peers have made their MSPs more efficient and profitable, while delivering better email security to their customers.
Mesh is not for everyone
We’re developing the only email security platform built exclusively for MSPs, but nobody is perfect and Mesh is not for every team.