Last updated

Email credibility check

Control user sign-ups from reputable email domains

Frontegg's email credibility check addresses the growing prevalence of increased data breaches, spam, phishing attacks, and other malicious activities associated with fraudulent accounts, often opened with suspicious email addresses. By identifying and blocking suspicious emails during the registration process, we help you safeguard your account from potential threats and maintain a secure user environment.

Once you enable the rule in your account, the email credibility check will run automatically every time a new sign-up is detected, thus ensuring a safer and more reliable platform for everyone.


How it works

Once the credibility check is enabled, whenever a user tries to sign up, the system will run a credibility check to ensure their email domain is reputable and will either Allow or Block the user from signing up. When the user is Allowed, they will see no friction and be allowed to continue to the app. If they are Blocked, they will not be able to complete the action.

Automating skip for white/black listed email addresses

You can set domains as whitelisted/blacklisted and exclude them from the credibility check.

Configuring email credibility check in the Frontegg portal

To enable this rule in your application, head over to your [ENVIRONMENT] ➜ Security ➜ Security rules** and click the Manage button next to the Email credibility check rule.

You will then need to fill in the required fields and decide whether to enforce Allow/Block behavior upon a user's sign-up detection. You can exclude email domains from the check by adding them under the Ignored emails section.

email-credibility-check-1

Security events

As a reminder, you can track the performance of suspicious email activity in your account in your Security Events dashboard.