Return Path Launches Beta of New Email Threat Intelligence

Posted by Ash Valeski 

The Email Fraud Protection team is excited to announce the beta launch of our enhanced Email Threat Intelligence platform. Now, you can detect and mitigate more threats more quickly (and accurately!) than ever before.

For years, Return Path has helped companies fight the impact of email fraud by leveraging the value of the DMARC (Domain-based Message Authentication Reporting and Conformance) standard. Implementing a DMARC “reject” policy is still the best way to block phishing attacks spoofing your domains before they reach customer inboxes.

But there isn’t a silver-bullet solution to email fraud. And DMARC is no exception.

Our Email Threat Intelligence solution fills the gaps in protection, both before you can protect your domains with a DMARC “reject” policy and after you are at “reject.”


Screen-Shot-2016-07-06-at-12.27.13-PMFight Attacks Before “Reject”
Moving to a DMARC “reject” policy too quickly can spell disaster for your unauthenticated legitimate messages, which is why we recommend implementing a DMARC monitor, or “p=none” policy. Doing so gives you the visibility you need to clean up your email authentication before instructing mailbox providers to block all unauthenticated messages from the inbox.

During this time, however, your domains remain vulnerable to phishing attacks. Our Email Threat Intelligence can protect you before you move to “reject.” We do so by leveraging data from our proprietary Consumer Network (over 2M+ consumer inboxes from around the world, including Gmail inboxes), from customer abuse inboxes (ex., and from the Return Path Provider Network.

These additional sources allow us to detect 25x more threats beyond DMARC forensics alone. We detect all threats in real-time using supervised machine learning and immediately distribute malicious URLs for takedown, empowering you to protect your company immediately, as you work to implement DMARC.

Fight Attacks After “Reject”
In addition to protecting your company before you get to “reject,” Email Threat Intelligence protects your company from all the threats DMARC does not address.

Once a company is at “reject,” cybercriminals change phishing tactics. They move away from spoofing your domains to spoofing your brand in other ways (in the Display Name, subject line, and more) using domains your company does not own.

Our solution defends your company against all threats facing your company—those spoofing your domain and those spoofing your brand.

You see benefits both before your domains are protected by a DMARC “reject” policy, and after they are protected. Specifically, Email Threat Intelligence offers:

1) More intelligence into unique threats targeting your brand
Our proprietary Consumer Network and Provider Network data, along with customer abuse feeds, detect all email threats, beyond those identified in DMARC forensic reports.

2) Accurate and timely intelligence
Real-time threat and brand detection models provide accurate visibility into domain and brand spoofing attacks. Our flexible date ranges reveal up to 60 days of data, allowing you to analyze a larger pool of threats and zero in on a particular range.

Screen-Shot-2016-07-06-at-12.27.21-PM3) Actionable intelligence
You can filter threats by data source and threat probability score. We also provide visibility into subject lines, sending IPs, URLs, and attachments within malicious emails. Detected URLs are automatically sent to takedown vendors for mitigation.

Understand the origin and attributes of malicious messages

4) Integrated intelligence
You can integrate threat intelligence with your existing security systems through a RESTful API and correlate threats sent to you by your customers via an abuse alias (ex.

Ready to see Return Path’s Email Threat Intelligence in action? Request a demo here.

Author Image

About Ash Valeski

As a Senior Product Manager for Return Path’s Email Fraud Protection group, Ash is responsible for the product road map, strategy, and execution of a SaaS product used by global brands to protect their customers from email fraud. He has more than 15 years of experience in product management, marketing, and business development working at companies like Microsoft, Skype, and Tellme Networks.

Author Archive