Defend humans and agents against modern cyber threats across email and collaboration channels.
Protect the data that powers human and AI collaboration​.
Leverage Proofpoint’s market-leading technologies powering cybersecurity for people, data and AI.
Activate industry-leading threat protection delivered via API or Gateway.
Protect your brand reputation, increase deliverability and identify domain lookalikes.
Turn your workforce into your first line of defence with targeted, behaviour-changing security awareness training.
Secure your application email and accelerate DMARC implementation.
Detect, investigate, and respond to account takeovers.
Transform DLP with a modern platform that prevents data loss across email, cloud, and endpoints.
Prevent misdirected emails and hidden exfiltration of sensitive data.
Get visibility into risky behaviour by careless, malicious and compromised users.
Discover, classify and protect sensitive data across cloud and hybrid environments.
Capture, retain and discover digital communications intelligently to ensure compliance.
Advanced AI and threat intelligence to detect threats and assess data risk.
Integrated control points to protect people and data, wherever work happens.
The power behind agentic security operations.
Enabling the channel. Safeguarding humans and agents.
Give your team access to expert guidance while they manage daily operations of your Proofpoint platform.
Gain a high-touch strategic partnership with a team of Proofpoint specialists who optimise your security and monitoring.
Empower your workforce with safe GenAI practices.
Implement the best security and compliance solution for Microsoft 365.
Stop attacks by securing ransomware's top vector.
Protect your people from email and cloud threats with an intelligent and holistic approach.
Keep your people and their cloud apps secure by eliminating threats and data loss.
Help your employees identify, resist and report attacks before the damage is done.
Manage risk and data retention needs with a modern solution.
Protect your email deliverability with DMARC.
Enable your agency with cybersecurity built for federal government environments.
Protect your campus, people, data, and research with advanced security.
Safeguard your clinicians, patient data, and intellectual property from advanced threats.
Deliver secure, high-performance email protection for your networks and customers with Cloudmark.
Secure your institutions, services, and communities against cyber threats.
Protect your institution while meeting regulatory and compliance requirements.
Secure your messaging environments and protect subscribers at scale.
Strengthen your business with enterprise-grade security built to grow with you.
Learn how organisations use Proofpoint to strengthen their cybersecurity, protect their data, and reduce risk.
See how our innovation and leadership have been recognised across the industry by leading analysts and publications.
Stay up to date on emerging cyber threats with insights from our industry-leading threat research team.
Evaluating cybersecurity vendors? Check out our side-by-side comparison of Proofpoint vs. competitors.
Keep up with the latest news and happenings from our industry-leading experts.
Earn your certification to become a Proofpoint Certified Guardian.
Connect with peers in person and learn from the experts.
Browse our webinar library to learn about the latest threats and issues in cybersecurity.
Listen to expert conversations and insights on cybersecurity trends, threats and best practices.
Read how our customers solve their most pressing cybersecurity challenges
Learn about the latest security threats and techniques.
Stay informed with our renowned threat researchers.
Join our virtual event series on the industry's most pressing topics.
Gain insight through actionable threat intelligence and expert analysis.
Learn about the executive team leading Proofpoint’s strategy and vision.
Read the latest press releases, news stories and media highlights about Proofpoint.
Learn about how we handle data and make commitments to privacy and other regulations.
Learn how we apply our environmental, social, and governance principles to positively impact our community.
Stand out and make a difference at one of the world's leading cybersecurity companies.
Reports of messaging abuse and smishing continue to increase at a rapid pace. Since the beginning of May, reports of U.S.-based abusive messages have grown by 39%, and Proofpoint threat engineers are observing a significant increase in one specific subtype. Reported MMS (multimedia messaging service) abuse has increased by 220% over the same period. These messages use images and/or graphics to trick subscribers into providing confidential information or entice them into falling for other scams. 
MMS-based abuse represents a burgeoning attack vector. In the past 18 months, subscriber reports of unwanted MMS messages have grown from far less than 1% of all reports in January 2023 to more than 21% in October of this year. Since January of this year, reports of unwanted MMS messages have grown by a staggering 429%. 
MMS is built on the same technology as SMS (short messaging service) and allows mobile subscribers to send and receive pictures, audio and video content. Today in the United States, subscribers often use MMS without even realizing it. We often combine SMS and MMS and simply call it “mobile messaging.” 
We have written in the past regarding how quickly users read and respond to mobile messages.  Typically, mobile messages are read and replied to within three minutes, which is why mobile marketing works so well. Threat actors are now starting to embed images to add a level of perceived authenticity to their scams as they impersonate businesses, public or governmental representatives, or otherwise entice subscribers to fall for scams.   
Imaging impersonation and abuse comes in a variety of types. The following are just a few examples of some recently observed scams. 

MMS message impersonating Jerome Powell of the Federal Reserve Bank. 

MMS message impersonating FedEx and an official-looking waiver document. 

MMS message impersonating PayPal and an official-looking purchase verification. 

MMS message with pictures of a check with scam instructions. 
Smart devices are ubiquitous in the U.S., with more than 90% of Americans using an intelligent device capable of both sending and receiving images. Proofpoint threat analysts have witnessed similar image impersonation and scams in over-the-top (OTT) messaging platforms as well, such as WhatsApp and Line. Proofpoint is continuously enhancing threat detection and protection solutions to protect against evolving threats including those emerging in MMS. 
We often remind users to be suspicious of mobile messages and to follow the “do’s and don’ts” below.  It’s also very important to remain suspicious of messages that have authentic looking images. Just because the message includes an image or picture, that doesn’t mean it’s legitimate or that it was sent by a legitimate source. 
Explore the latest threat insights from Proofpoint. 
To learn more about Proofpoint mobile messaging solutions, visit the Cloudmark website. 

source