Add user to the impersonation registry
Attackers often try to impersonate executives within an organization when sending malicious emails (with requests about banking information, trade secrets, and more), which is known as a Business Email Compromise (BEC) ↗ attack.
The impersonation registry protects against these attacks by looking for spoofs of known key users in an organization. Information about key users you either synced with your directory or entered manually in the dashboard is used by Email Security to run enhanced scan techniques and find these spoofed emails.
To add a user to the impersonation registry:
- Log in to Zero Trust ↗.
- Select Email Security.
- Select Settings > Impersonation registry.
- Select Add a user.
- Select Input method: Choose between Manual input, Upload manual list, and Select from existing directories:
- Manual input: Enter the following information:
- User info: enter a valid Display name.
- User email: Enter one of the following:
- Email address: Enter all known email addresses, separated by a comma.
- Regular expressions: Must be valid Java expressions.
- Upload manual list: You can upload a file no larger than 150 KB containing all variables of potential emails. The file must contain
Display_NameandEmail, and the first row must be the header row. - Select from existing directories:
- Select directory: Select your directory.
- Add users or groups: Choose the users or groups you want to register.
- Manual input: Enter the following information:
- Select Save.
For more information on how to edit and remove users, refer to Impersonation Registry.