Email-Security

Invoice and payment redirection scams, often classified as Business Email Compromise (BEC), involve impersonation and email account compromise to redirect legitimate payments to attacker-controlled accounts. This SECMONS record explains how BEC works and how organizations can prevent financial loss.

Phishing is a social engineering technique where attackers impersonate trusted entities to steal credentials, deliver malware, or gain initial access. This SECMONS glossary entry explains phishing variants, operational impact, and defensive controls.

Operational playbook for responding to phishing incidents, including triage, containment, credential protection, investigation steps, and recovery actions for enterprise environments.

An Email Security Gateway is a cybersecurity system that analyzes and filters inbound and outbound email traffic to detect phishing, malware, spam, and other email-based threats before they reach users.