Information Technology Services

Proofpoint Email Protection

During this time of virtual living and working, phishing scams are rampant across the world. In an effort to help protect user accounts and data, Brandeis uses Proofpoint email protection for faculty and staff accounts. 

Proofpoint URL Defender

The security team recently enabled additional email protection in response to increased sophisticated phishing and other attacks. Proofpoint, our email security vendor, protects against malicious embedded links. It automatically scans email messages and then rewrites the URLs associated with the links so they are visible to recipients and safe to click. 

Messages originating from and messages sent using the Slate (Technolutions) platform avoid the scanning and rewriting process. This “trusted source” security exception, approved by University leadership, was implemented to facilitate communication from platforms managed internally by Brandeis. 

Why was Proofpoint URL Defense added? 

Brandeis has seen a sharp increase in the number and sophistication of email phishing attempts. Many unsuspecting users click on links that, at first glance, appear to be from a trusted source, only to discover their credentials or other personal information was compromised. Unfortunately, several successful phishing attacks have resulted in significant monetary losses and an increased risk of data disclosure to the University. It is vital that we do all we can to reduce this risk.

How does Proofpoint URL Defense work? 

Proofpoint URL Defense increases network security by making URLs visible to users so they can quickly detect false or malicious links. It scans emails received on the domain to ensure any included links are safe and then rewrites the URL. Rewritten links start with Although the visible link text appears as a hyperlink, users will see it rewritten to include https// when they hover their mouse over that link. 

Proofpoint In Action


InBrief article with links written out as text

In the above example, URL Defense has successfully scanned for malicious links and rewritten the URLs to make them visible to recipients. These links are now safe to click

Here’s what URL Defense does with each email:

  1. A link is detected by Proofpoint and scanned for malware. 
  2. The linked URL is displayed as text.
  3. The URL is rewritten and visible when hovering over the link (#1 and #2)


Please Note: While ProofPoint's URL Defense mitigates the threat of malicious links in email, it doesn't guarantee that every link contained in the incoming, external email to is safe to click. Please continue to exercise caution when inspecting URLs embedded in email and attachments. 

About Proofpoint

Proofpoint serves as an additional layer of protection to your account. Proofpoint safeguards you and your email in two ways. First, the email filtering system will automatically determine if an email is spam (e.g., marketing, cold sales, etc.) or bulk (e.g., newsletters, other mass mailings, etc.) and will quarantine the message(s). By default, spam email is automatically filtered (per ITS Security requirement). You can, optionally, enable the bulk email filter that identifies messages from mass mailings (e.g., newsletter). You can control what reaches your mailbox including the ability to manage lists of allowed and blocked addresses. 

In addition to email filtering, Proofpoint provides security protection for all website links in an email message. When clicking on a URL, it will pass through Proofpoint's layer of security to verify if it is a known malicious link; if deemed to be safe, the site will load as expected. The use of Proofpoint URL protection works seamlessly and in the background for all users.

Where can I learn more?

Visit the email protection webpage which includes getting started guides and video tutorials for email digest, web digest and FAQs. If you have any questions about Proofpoint and general security practices, please contact