Protecting companies<br class="notMobile"> against business email<br class="notMobile"> compromise attacks.
Protecting companies<br class="notMobile"> against business email<br class="notMobile"> compromise attacks.


Protecting companies
against business email
compromise attacks.


increase in invoice and payment fraud BEC attacks

on a yearly basis


Email Fraud. The Numbers.


100% Likelihood that the volume of BEC attacks will increase.

80%+ Companies being targeted by BEC scams.

50% Amount of all Internet crime losses generated by BEC.

<10% Chances of tracking or recovering funds


Email Fraud.
The Impact.

A Business Email Compromise (BEC) attack leads to the immediate pain of lost funds and research shows that losses through Vendor Email Compromise (VEC) attacks are 2x more substantial than other BEC fraud.

Just the tip of the iceberg.

However, direct losses are just the tip of the iceberg. Businesses will suffer additional financial and non-financial
damage through:

  • Fines, penalties and litigation costs
  • IT/ business crisis management and remediation
  • Business interruption and loss of focus
  • Damage to brand image and reputation
  • Customer churn

Understand the attackers

We classify email attacks into 3 types: impersonation attack, malware attack and phishing attack. While there are overlaps, it is important to recognise their peculiarities. Impersonation attacks are the most difficult to detect and prevent.



Email spoofing
Email account take-over (BEC)


Fake invoice attachment
Fake update to bank account & other key details
Secret acquisition scam
Urgent payment scam

"Known as"

BEC fraud
CEO fraud
CFO fraud
Employee fraud
Vendor/supplier fraud


Easy implementation

CSIS’s Email Fraud Protection solution is available as an application for Microsoft Office 365 and provides an added security layer to your existing email security and internal control systems. The software is installed directly on your Microsoft Office 365 instance, where it monitors and analyses all inbound, outbound and internal emails for indicators of fraud.

Learn more

Unique FraudLogiq Engine

One of the biggest challenges of addressing BEC is that these emails rely heavily on common language and leverage human nature to steal from their victims. As such, detection can be a challenge. 

Talos blog, 2021

We have assisted customers in more than 500 BEC fraud forensics cases. It is clear that 1) the fraudsters utilize psychology, and completely legitimate functions and features to defraud companies, and 2) this was quite easy to spot, once highlighted and compared to historical behavior.

Also, BEC fraud is only a real threat once funds are about to be transferred to the fraudsters. Unlike traditional email fraud solutions, EFP takes a bank account-centric approach. We combine payment details with the individual risk-profile of the emails containing those details and present the data to the accountant about to conduct the transfer or payment.

The software uses CSIS’s unique FRAUD LOGIQ engine to process data. It determines a risk profile for individual emails and invoices based on previously seen behavior, specific behavior commonly used in BEC fraud, CSIS’s unique Threat Intelligence, and even email security measures set up by your vendors/suppliers. The consolidated data is then presented on-demand in a payment situation to allow an accountant to easily determine if a payment is fraudulent, warrents further investigation, or is safe to pay.

The software is built and maintained by our fraud specialists in close collaboration with our customers, including international banks and finance professionals.

How EFP Works

1. Implementation
EFP is easy to install as a Microsoft Office 365 cloud app for the entire organisation. During setup, you can choose to protect all your organisation’s mailboxes, or you can individually enroll selected ones.

2. Handling
All inbound and outbound emails are monitored for financial content. Any emails with financial content are flagged and assessed for their risk level. Suspicious emails are detected, and selected employees can be alerted.
Non-suspicious emails are delivered and put on a watchlist for continuous monitoring for 7 days. A unique feature of EFP is that, during this time, the solution will provide an alert if any emails on the watchlist are flagged.

3. Integrations
The solution integrates with various online banking providers and selected online payment control systems. Through these integrations, users will be prompted with alerts in a familiar language and a known environment and can take the necessary actions from there.

We provide 24/7 support which our customers can rely on for product support and expert advisory services.


Detect fake invoices, even from compromised email accounts.

Rate every invoice for authenticity or indicators of compromise.

Monitor compromised emails from vendors, suppliers and internal accounts.

Scan emails continuously, including archived content and attachments.

Integrate easily with payment control systems.

Get 24/7 support, including expert advisory services.


"We worked with CSIS on an email forensics assignment that required millions of emails to be analysed in order to determine those of a malicious nature.
Leveraging CSIS’s email forensics platform, the work was executed efficiently and accurately."


Vice President IT, I&O. I Demant A/S

See us in action

Request an EFP demo for your organisation

Rest Assured.

We are The leader in actionable and intelligence-driven detection and response services.

Please select a country