Email Security Blog

Protecting Internal Email Traffic from Account Takeovers

Stop Impersonators Even If They’re Already Inside

When successful, online imposters acting as company managers or executives can do more financial harm to a business than any other type of cybercrime. Once they have control of a high-profile email account and act as a company authority, these imposters direct wire transfers, facilitate fictitious vendor payments, and more.

To gain control of email accounts, hackers are using credential harvesting emails and websites, password spraying, credential stuffing, social engineering, dark web data breach purchases, and other attack vectors.


A Cut Above the Rest

Unlike most solutions, Internal Email Protection doesn’t simply rely on examining URLs and sender addresses to stop phishing emails. Instead, Internal Email Protection uses a combination of sophisticated approaches and builds dynamic profiles or behavior models to detect and block impersonation attempts.


Immediately after installation, Internal Email Protection begins tracking who sends and receives emails to whom and creates a social graph. By plotting out the various interconnections among different people, groups, and organizations within a network, impersonators become more obvious. 


Your word choices, sentence structure, and even the breadth of your vocabulary are all indicators of who is writing what. Internal Email Protection establishes a profile for what an email from a particular sender should look like and then gets to know users so that impersonators are easy to spot.


As the name suggests, machine learning is the way in which computer systems use algorithms and statistical models to learn from the patterns in data. The continuous data coming from social graphing and stylometry ensures Internal Email Protection gets smarter all the time. 


The Cost of Vulnerability

In 2021, the IC3 received 19,954 Business Email Compromise (BEC)/Email Account Compromise (EAC) complaints with adjusted losses of nearly $2.4 billion.1 In most cases, stolen funds are immediately transferred to cryptocurrency wallets and dispersed, making recovery efforts more difficult.

Hackers often start with social profiling so they know who they should impersonate. Some take an additional step and hack into virtual meetings with a fake profile to instruct individuals they’ll be emailing an important request. Then, they unleash their phishing emails and convince recipients to make all sorts of costly mistakes, including:

- Conducting fraudulent wire transfers
- Providing access online banking accounts
- Paying phony invoices
- Ordering goods through a company’s merchant account
- Unlocking corporate records and sensitive data
- Stealing loyalty points
- Harvesting customer data

Want to see Internal Mail Protection in action and get a full walk-through of INKY's Email Security Platform? Schedule your free demonstration today.



INKY is an award-winning, behavioral email security platform that blocks phishing threats, prevents data leaks, and coaches users to make smart decisions. Like a cybersecurity coach, INKY signals suspicious behaviors with interactive email banners that guide users to take safe action on any device or email client. IT teams don’t face the burden of filtering every email themselves or maintaining multiple systems. Through powerful technology and intuitive user engagement, INKY keeps phishers out for good. Learn why so many companies trust the security of their email to INKY. Request an online demonstration today.