Skip to content

Impersonation Protection and VIP Management

Impersonation Protection detects phishing emails that pretend to come from well-known brands or important people within your organization.


This option is only available with an Email Advanced license.

Impersonation Protection looks for two types of impersonation:

  • Imitation of a well-known brand, often a financial organization or online shopping site.
  • Use of the names of important people in phishing emails. You can add names in VIP management.

Impersonation Protection is turned on by default and controlled by Email Security policy settings. See Email Security policy.

This video provides an overview of Impersonation Protection, including its function, its configuration, where to view detections, and more.

VIP management

You can enter up to 500 email addresses of very important people (VIPs) in your organization on the VIP management page. Emails are monitored for signs of impersonation of these addresses.

Go to My Products > General Settings > VIP management.

You can manually add email addresses with the Add VIP function.

The Help me find VIPs function searches a connected Active Directory (AD) service for high-risk users. The more information you’ve added to your AD entries (for example job titles), the better the results are. You then select users from the search results.