TAP for Employees
Targeted Attack Protection (TAP)
Proofpoint's TAP service analyzes links in emails by checking the intended site for malicious content.
When TAP detects a hyperlink in a plain-text email, it will rewrite the URL in plain text. In this case, you will see the rewritten URL directly in the body of the email.
If a URL is embedded and you hover over the link, the URL displayed will show the destination URL rewritten as a Proofpoint URL. The URL will function normally from the user’s perspective.
Proofpoint URLs will begin with https://urldefense.proofpoint.com. If you were to receive an email sent from someone outside of Fordham University that included a link to the EDUCAUSE homepage, you would notice the following:
- Display URL (what you will see in the email): www.educause.edu
- Embedded URL (what you will see if you hover your mouse over the link in the email): https://urldefense.proofpoint.com/v2/url?=http-3A__www.educause.edu&[….]
You may notice a one or two-second delay while a web page loads after clicking on a rewritten link deemed safe by Proofpoint.
If you click on a rewritten link deemed malicious by Proofpoint or Fordham IT, a warning page will appear.
Targeted Attack Protection does not mean every link is safe for clicking. Exercise caution for any link in a questionable email.