Mirror

Mirror for Outlook provides Impersonation Attack protection for your for inbox. There are a variety of ways attackers can spoof an email to socially engineer a target into giving away critical information. Mirror addresses these attacks by analyzing messages using public lookups to validate the authenticity of the Sender of the message. Users can also request further verification from the email sender, requiring them to connect to a trusted social network in order to prove their identity.

There are a variety of ways attackers can spoof an email. The first check that is done is to make sure these headers are setup, and that the email content is secure, using SPF, DKIM, and DMARC checks. This doesn't prevent most attacks, however, because email identity can be easily spoofed. Therefore, we check other factors to evaluate if an email has been forged or not.

• Is there mismatched domain/header data?

• Does the header fingerprint match others on record?

• Has this user marked other messages as fraud?

• Has the email address been exposed in a public data breach?

• Is this email associated with any social networks?

• Does this person have a keybase.io account?

If you are unsure of the sender's identity, you can request further verification from the email sender. We send them a simple email asking them to prove their identity using a trusted third-party provider (like LinkedIn).

Mirror is also adding the use of a neural network to analyze an email's header information and generate a fingerprint for that email. This fingerprint will be compared to other emails sent by this user, and, along with third-party verification, represents a significant step forward in email identity security.