## Email credibility check ### Control user sign-ups from reputable email domains Frontegg's email credibility check addresses the growing prevalence of increased data breaches, spam, phishing attacks, and other malicious activities associated with fraudulent accounts, often opened with suspicious email addresses. **By identifying and blocking suspicious emails** during the registration process, we help you safeguard your account from potential threats and maintain a secure user environment. Once you enable the rule in your account, the email credibility check will run automatically every time a new sign-up is detected, thus ensuring a safer and more reliable platform for everyone. ### How it works Once the credibility check is enabled, whenever a user tries to sign up, the system will run a credibility check to ensure their email domain is reputable and will either **Allow** or **Block** the user from signing up. When the user is **Allowed**, they will see no friction and be allowed to continue to the app. If they are **Blocked**, they will not be able to complete the action. Automating skip for white/black listed email addresses You can set domains as whitelisted/blacklisted and exclude them from the credibility check. ### Configuring email credibility check in the Frontegg portal To enable this rule in your application, head over to your [ENVIRONMENT] ➜ Security ➜ Security rules** and click the **Manage** button next to the Email credibility check rule. You will then need to fill in the required fields and decide whether to enforce **Allow/Block** behavior upon a user's sign-up detection. You can exclude email domains from the check by adding them under the **Ignored emails** section. ![email-credibility-check-1](/assets/email-credibility-check-1.7c7ef6e272e8f594a63fc27aad2af2fc2e8c2cf16edaef22ad9e6e06875c21d0.36f325d1.png) ### Security events As a reminder, you can track the performance of suspicious email activity in your account in your [Security Events](/ciam/guides/security-center/overview) dashboard.