Trend Micro Email Security allows you to specify high profile external domains, for example, your partners' domains or domains of famous brands, which are likely to be forged into cousin domains for spam, phishing, and BEC attacks, for example, vendor frauds.
A cousin domain (or look-alike domain) is a domain that looks deceptively similar to a legitimate target domain, which is well-known or familiar to users. Cousin domains are often used in phishing attacks to steal sensitive or confidential information from users. Cousin domains are usually created by replacing one or more characters (for example, replacing the letter "l" with the number "1") or adding or removing an extra character in the domain name. Without careful inspection of the email addresses, users may not notice the trick and think that an email message is sent from a legitimate domain being forged.
By leveraging the Trend Micro Antispam Engine, Trend Micro Email Security can scan domains in email messages (the from and replyto headers) based on the settings you configure to detect cousin domains of these high profile domains and prevent users from spam, phishing and BEC messages.