Home » Categories » Email and Messaging

Proofpoint - Targeted Attack Protection (TAP) for external email

Article ID: 420 | Last Updated: Fri, Aug 19, 2016 at 10:05 AM

Proofpoint (TAP) is a new service which filters for phishing email messages to help protect users from malicious URLs.

Introduction

To protect Clemson account holders and the university’s network, CCIT will soon employ an email security product called Targeted Attack Protection (TAP) from the security company Proofpoint to scan all external email.

Cybercriminals commonly send malicious  hyperlinks via email in order to infect computers with malware or direct users to websites designed to trick them into revealing their account credentials. This system protects users by blocking links to known malicious websites.

TAP works behind-the-scenes, which means you do not need to do anything to activate or take advantage of the system.

How does Proofpoint TAP work?

Proofpoint URL Defense will route all incoming external email traffic through special servers that will rewrite all URLs to initially go to Proofpoint.  The link will be scanned and if it is safe, the new Proofpoint URL will redirect to the requested webpage.  If the link is not safe, a notification will be displayed that the website has been blocked.

Proofpoint URLs will begin with https://urldefense.proofpoint.com.

What email is scanned?

Clemson's Proofpoint system only scans email that is sent to your '@clemson.edu' email address from an external non-Clemson email address.  Messages sent between Clemson accounts or directly to your Google Apps for Education account will not be scanned, therefore the hyperlinks in these emails will still pose the risk of phishing. 

What do rewritten hyperlinks look like?

The easiest way to see that Proofpoint is working is to hover over a URL in an email you have received. The URL displayed will begin with “urldefense.proofpoint.com” before the rest of the URL name and a string of numbers and letters.

Example: 

What message will I receive when a website is blocked?

 Proofpoint Blocked Message

What should you do if you receive the blocked message?

If the email came from someone you know, please advise them of the problem. The site will continue to be blocked until the security issues are resolved.

Will I see any difference when I click on a URL?

When you click on a URL you will see a brief display of the URL before being redirected to your destination.

Will plain-text emails look different?

Emails sent and received in plain text do not include HTML markup, such as embedded URLs. When TAP detects a hyperlink in a plain-text email, it will rewrite the URL in plain text. In this case, you will see the rewritten URL directly in the body of the email.

Will my email attachments be changed?

At the current time, Proofpoint will not scan or change email attachments.  
Posted - Tue, Aug 16, 2016 at 9:26 AM.
Filed Under: Email and Messaging
Attached Files
There are no attachments for this article.
Related Articles RSS Feed
HOW TO: Configure Email clients for Exchange in Windows
Added on Tue, Oct 18, 2016
Email and Accounts
Added on Tue, Oct 6, 2020
Using Gmail in a separate email client
Added on Tue, Sep 13, 2016
Add a new Clemson Exchange profile to Outlook - Windows and Mac
Added on Wed, Nov 6, 2019
OVERVIEW: Blocked Email Attachment Extensions
Added on Tue, Oct 18, 2016
OVERVIEW: Blocked Email Extensions
Added on Fri, Dec 5, 2014
New Student Gmail
Added on Tue, Jul 21, 2020
HOW TO: Repair Outlook Data Files (.pst and .ost) in Outlook 2016 and Outlook 2013
Added on Tue, Oct 25, 2016
HOW TO: Configure Email clients for Exchange in macOS
Added on Tue, Oct 18, 2016
OVERVIEW: Information on Blocked Emails
Added on Thu, Sep 8, 2016