Skip to main content

TAP for Employees

Targeted Attack Protection (TAP)

About TAP

Proofpoint's TAP service analyzes links in emails by checking the intended site for malicious content.

When TAP detects a hyperlink in a plain-text email, it will rewrite the URL in plain text. In this case, you will see the rewritten URL directly in the body of the email.

If a URL is embedded and you hover over the link, the URL displayed will show the destination URL rewritten as a Proofpoint URL. The URL will function normally from the user’s perspective.

Proofpoint URLs will begin with https://urldefense.proofpoint.com. If you were to receive an email sent from someone outside of Fordham University that included a link to the EDUCAUSE homepage, you would notice the following:

  • Display URL (what you will see in the email): www.educause.edu
  • Embedded URL (what you will see if you hover your mouse over the link in the email): https://urldefense.proofpoint.com/v2/url?=http-3A__www.educause.edu&[….]

You may notice a one or two second delay while a web page loads after clicking on a rewritten link deemed safe by Proofpoint.

If you click on a rewritten link deemed malicious by Proofpoint or Fordham IT, a warning page will appear.

Targeted Attack Protection does not mean every link is safe for clicking. Exercise caution for any link in a questionable email. 

For more information on TAP, view our Targeted Attack Protection User Guide. Questions? Call IT Customer Care.