You have layered email authentication. You bought a spam filter. You ran the awareness training. A phishing email still gets through, looking like DocuSign or an internal HR notice. The layers above stop known threats. Phishing succeeds because the message is plausible enough to bypass SMTP filtering, the spam filter, and even the user. You need a layer that inspects what the link actually points at, at the moment the user clicks.
Phishing Protection sits inside DuoCircle's broader Protect group, alongside Spam Filtering (the two are often deployed together) and the upstream authentication products: DMARC Report and SPF Management (AutoSPF). Authentication tells receivers your domain is the real one. Spam Filtering catches the obvious junk and known-bad senders. Phishing Protection is the layer that handles what is left: messages that pass authentication, look plausible to a filter, and rely on the user clicking a link or opening an attachment.
The differentiator is what happens at click time. A URL that scanned clean at delivery can be weaponized half an hour later when the attacker flips the destination from a benign holding page to a credential-harvesting form. Click-time inspection is what catches that pivot.
Click-time URL inspection, ransomware and malware blocking, spear-phishing and BEC defense, display-name and look-alike domain detection, and a deployment that fits in front of Microsoft 365, Exchange, or any other hosted mail flow. No endpoint agents, no app to install, no re-architecting required.
Every link in inbound mail is rewritten so the destination is inspected at the moment a user clicks, not just at delivery. This catches the "looked clean at SMTP, became malicious thirty minutes later" attacks that fixed-time scanning lets through, and the user is blocked before reaching a weaponized destination.
Attachment scanning and URL inspection together stop the most common ransomware delivery patterns before payload detonation. Macro-bearing documents, weaponized PDFs, and second-stage downloaders all get caught at the gateway rather than at the endpoint, where remediation costs run an order of magnitude higher.
Targeted attacks that use real executive names, real vendor brands, and invoice attachments that are just slightly off get inspected against impersonation patterns rather than relying on signature-based malware detection. The wire-transfer fraud message that looks plausible to a finance team gets flagged before the click.
Catches the typosquats and Unicode look-alikes that slip past simple name-based whitelisting. The attacker who registers a Cyrillic-letter twin of your CEO's domain, the punycode lookalike of a vendor you actually pay, the display-name spoof that shows the right name with the wrong reply-to. All flagged at scan time.
Deploys in front of Microsoft 365, Exchange (on-premises or hybrid), or any other hosted email environment. Inserted as an MX-layer service. No agents on endpoints, no app to install, no migration project. Standing up the protection layer is a DNS change and a few mail-flow rules. (Not built for Google Workspace; see below.)
DuoCircle Phishing Protection is per-user, starting at $32/month for 10 users. Per-user rate steps down from $1.80 to $1.60 as team size grows. Up to 1,000 users on the public catalog; above that is custom.
Anti-phishing, ATP, spam filtering, DMARC reporting all bundled. SOC 2 Type II audited. 60-day free trial, no credit card.
Phishing Protection is priced per user. $32/month for the first 10 users, then $1.80 per additional user with volume discounts down to $1.60/user at 501+ users. A 250-user team costs about $464/month; a 1,000-user team is $1,616/month. Anti-phishing, ATP, spam filtering, DMARC reporting all bundled, no add-on fees.
Real-human mailboxes only. Aliases like sales@ and info@ are free; shared or group mailboxes accessed by multiple people bill at 50% of the per-user rate. Multi-domain pricing is separate — contact sales for a quote.
Yes. 60 days, no credit card required. Convert to a paid plan only after you add a payment method. The slider above shows the per-user math for any team size.
Yes, annual billing saves 15-20% versus monthly. Annual is set up via sales rather than self-serve checkout — contact us for the annual rate on your tier.
Mimecast Essentials and Proofpoint Essentials are roughly $3-6/user/month for the comparable bundle. DuoCircle Phishing Protection lands at $1.60-$3.20/user — roughly 30-50% of their rate, with SOC 2 Type II, DPA on request, and 24x7 support included.
Spam Filtering Gateway protects the entire domain at a flat rate ($495/year). Phishing Protection is per-user and adds Advanced Threat Protection features like impersonation detection, BEC defense, and click-time URL inspection. Teams typically run them together.
If you can use the online checkout, the price you see is the price you pay.
You need full vendor-managed phishing remediation, where our team triages and responds to incidents on your behalf. That is available through DuoCircle professional services rather than as part of the standard product. Talk to an Expert about scope and pricing.
You need a full Security Awareness Training platform with phishing-simulation campaigns, behavioral analytics, and curriculum-based modules. That is a different product category. We focus on stopping the attack at the technical layer, not on coaching the user to recognize the next one.
You are on Google Workspace. Phishing Protection is not the right fit. Google's built-in anti-phishing is genuinely strong on Workspace, and we do not think we add enough on top of it to justify the spend. Stay with what Google offers built-in. (Other DuoCircle products like DMARC Report and AutoSPF still apply on Workspace.)
Your built-in M365 anti-phishing is sufficient for your risk profile. Layering Phishing Protection on top is a real value-add, not a strict requirement. We would rather you pay for what you actually need.
When you contact us about phishing protection, you talk to an expert who has actually deployed phishing defense at customer scale. We tell you which layers you need and which you do not, even when the honest answer is that your current stack is already covering the threat model.
Reference calls with existing Phishing Protection customers are available on request. Most of our enterprise customers will not allow public logo use, but they will take a phone call from a serious prospect to vouch for what we actually do in production.
Same-day response. Real expert on the call. We tell you the threat model, the gaps, and what to fix first.