Cybersecurity Glossary

Domain spoofing is a phishing attack where cybercriminals use a fake version of a legitimate email address to scam users. Unlike display name or close cousin spoofing, domain name spoofing replicates the legitimate email address exactly. This form of email spoofing is less common because of Sender Policy Framework (SPF) and Domain Keys Identified Mail (DKIM). Once SPF and DKIM are incorporated into DNS settings, they prevent unauthorized use of domain names for spoofing attacks.

EDR, or endpoint detection and response, is technology used for endpoint protection. EDR systems detect security threats by monitoring endpoint activity for suspicious behaviors, block and contain malicious threats, and facilitate incident response and investigation activities. Organizations often use EDR systems as part of a multi-faceted approach to cybersecurity, pairing the technology with other systems such as XDR (Extended Detection and Response), SIEM (Security Information and Event Management), and AI threat detection and response solutions.

Email archiving is the process of preserving and storing email communications in a manner that is safe, organized, and accessible for future use. Organizations depend on email archiving for a variety of reasons, including compliance with laws, internal audits, potential litigation, and more. Safe and effective email archiving requires email security to protect sensitive email communications against cyberthreats and bad actors.

Email filtering refers to the classification of both inbound and outbound email traffic based on certain criteria. Email filtering analyzes email content for potential spam or phishing risks, and ensures those emails are properly classified and placed in the appropriate folders, such as spam or junk. Email filtering ensures malicious emails don’t end up in an individual’s main inbox, which in turn lowers the likelihood of a successful cyberattack.

Email gateways, or secure email gateways (SEGs), are used to detect and block malicious email content before it reaches a corporate email server. While email filtering sorts through nefarious content once it reaches an individual’s inbox, email gateways prevent possible phishing attacks from reaching a mail server in the first place.

Secure email gateways rely on signature and reputation-based detection to protect against known email threats. While once regarded as a safe defense against cybercriminals, secure email gateways are vulnerable to many modern threats, including those that remain unknown. They also require MX record changes that hackers can see via an MX record query. In the event a malicious email bypasses the gateway, SEGs also can’t remediate or remove the threat post-delivery.

A superior alternative to email gateways are cybersecurity solutions that offer predictive defense against known and unknown threats. These solutions rely on artificial intelligence (AI) to conduct behavioral and heuristic analyses of malicious emails, detect anomalies and abusive patterns, and remediate email threats post-delivery.

Email scams such as phishing, spear phishing, and malware attacks deceive recipients with malicious intent. Email scams are designed to defraud an individual or organization by making them believe the information or request contained in the email is legitimate. These scams attempt to coerce potential victims into divulging sensitive information, completing a compromising request (e.g., transferring funds to a fraudulent account), or downloading a file infected with malware. Email scams are the most popular type of cyber threat and the top cause of initial compromise. Protecting against email-based attacks requires advanced email security.     

Email security refers to the standards, best practices, and technologies used to protect personal and corporate email accounts and communications.

Email spoofing is a technique used in phishing and spear phishing attempts in which a person attempts to pass off a fraudulent email as a legitimate one that closely resembles a message an individual would typically receive.

Emotet, or Emotet malware, is a type of malware that was originally designed to compromise financial data via banking trojans. But today, Emotet has evolved into a major threat that targets all types of organizations. After avoiding anti-virus detection software and infiltrating a user’s device or network, Emotet malware infects the original device, before sending itself via spam emails to a user’s contact list.

Typically, Emotet malware is transferred via email links that appear to be authentic. Once a user clicks the nefarious link, the Emotet malware is automatically downloaded onto the user’s device. Once Emotet has been downloaded, a user can experience data theft, loss of access to sensitive data, and critical damage to their company’s IT infrastructure as a whole.

Designed to evade detection, Emotet malware is difficult to prevent. Only through the right combination of AI-based cybersecurity measures, such as anti-phishing and anti-malware solutions, and user awareness training can your organization avoid a successful Emotet attack.