Your mailbox already has a filter. It was never built to stop this.
Default mailbox filtering catches spam. It was never designed to catch a targeted business-email-compromise attempt written specifically for your finance team. We layer dedicated email security, powered by Check Point, over the mailbox you already run.
- #1Attack vector into Australian businesses
- Check PointEnterprise email security, managed
- EnquirePer endpoint/mo, resold & managed
- ManagedConfigured, tuned & monitored by us
“We have spam filtering” is not an email-security programme.
Business email compromise doesn't look like spam. It looks like your supplier, your CEO, or your bank, sent from a lookalike domain that passed every default check. Default mailbox filtering was built for volume, not for the one targeted email that matters.
Layers your default filter was never built to run.
Each layer closes a gap the one before it leaves open. Nothing relies on a single check passing.
- 01
We assume the default filter already failed
Advanced threat protection sandboxes attachments and rewrites links, catching what a bulk-spam filter was never built to see.
- 02
We stop your own domain being spoofed
SPF, DKIM and DMARC are enforced, not just configured, so a lookalike send of your own domain is rejected outright.
- 03
We hunt impersonation, not just malware
Business-email-compromise detection flags the language patterns and lookalike domains a virus scanner has no reason to check.
- 04
We close the loop with your people
A one-click report button feeds every near-miss back into your awareness training, so the human layer keeps improving.
6 controls. One accountable partner.
Every line below is deployed, monitored, and maintained by us — not a part-time attention split across your other vendors.
Deployed and maintained by usEmail Security — Inclusions Ledger
- Advanced threat protection (attachment sandboxing, link rewriting)Content is detonated and links checked at the moment of click, not just at delivery.
- SPF / DKIM / DMARC enforcement on your domainEnforced, not merely configured — a spoofed send of your own domain is rejected.
- Business-email-compromise & impersonation detectionFlags the lookalike domain and the language pattern, not just the malware.
- Quarantine management, tuned to your businessFalse positives are tuned out over time instead of trained staff ignoring every warning.
- One-click phishing reporting, staff-facingFeeds every near-miss back into your awareness-training loop.
- Monthly filtering & incident reportWhat was stopped, what was reported, and what changed — in plain English.
What gets through, layer by layer.
Start at the default filter everyone already has. Watch the gap close as each layer is added.
- L0Gap remains
Default mailbox filter
Stops
- ✓ Bulk spam
- ✓ Known malware attachments
Still gets through
- Lookalike-domain BEC
- Invoice-fraud requests
- Credential-phishing links
- Executive impersonation
- L1Gap remains
Advanced threat protection
Stops
- ✓ Malicious attachments, sandboxed rather than just scanned
- ✓ Malicious links, rewritten and checked at click-time
Still gets through
- Lookalike-domain BEC
- Executive impersonation
- L2Gap remains
Domain authentication (SPF / DKIM / DMARC)
Stops
- ✓ Spoofed sends of your own domain
Still gets through
- Lookalike-domain BEC
- Executive impersonation
- L3Fully closed
Impersonation & BEC detection
Stops
- ✓ Lookalike-domain BEC
- ✓ Executive-impersonation language patterns
- L4Fully closed
The reporting habit
Stops
- ✓ The one that still looks legitimate — reported by a trained employee before anyone acts on it
We don't describe the work. We show it.
A lookalike domain, one character different, caught before the transfer.
- An email from a domain one character removed from a real counterpart requested updated trust-account details.
- Domain-authentication enforcement flagged the send as failing DMARC alignment.
- The email was quarantined before it reached the trust-account administrator.
The fraudulent transfer was never initiated, and the firm's professional-indemnity insurer was notified as a non-event.
Also part of Cybersecurity
The next targeted email is already written. Make sure it never lands.
A Cyber Risk Assessment shows exactly where you stand, and what it takes to close it. Credited toward your first year of protection.