Dangerous emails containing links that look “legitimate” but are actually malicious remain one of the most dangerous yet successful tricks in a cybercriminal's handbook. Now, an AI startup called Bolster that has built a novel approach to combating that trick has launched a popular free phishing portal called (appropriately) CheckPhish, which it runs, and funding to expand its efforts. He raised $14 million. Main paying customers: Brands and other businesses.
Microsoft's venture fund M12 led the round as the company's new backer, with participation from Thomvest Ventures, Crosslink Capital, Liberty Global Ventures, Cheyenne Ventures, Cervin Ventures, and Transform Capital. Bolster has not disclosed its valuation, but has raised approximately $40 million to date.
Bolster's business model is based on providing brand and URL checking services to companies that spend a lot of time sending emails to customers, which malicious hackers can imitate to deceive people or use their own products. They are easy targets for copying brands to sell products. (The company's client list includes big names like Dropbox, Uber, LinkedIn, and Coinbase.) According to the Cybersecurity Infrastructure Security Agency, phishing can be used to attack all types of attacks, including data breaches, network intrusions, device viruses, and more. It is responsible for over 90% of “cyber attacks” in Japan.
The ability to set up suspiciously similar domain pages for these companies and use them to launch malicious phishing campaigns has become very cheap and easy to do.
“There are tools you can buy for $10 or $20 to launch a phishing attack,” Bolster CTO Shashi Prakash, who co-founded the company with CEO Abhishek Dubey, said in an interview. Malicious hackers are experts in using AI to create realistic login pages for banks, for example, and use phishing-as-a-service to launch these attacks “within minutes.” .
These are becoming more sophisticated and more targeted over time, he said. One of his most recent examples is a case in which his CEO of WPP, Mark Read, was at the center of a money fraud. This sounds unlikely when you read it, and it did fail, but it's just an indication of where these scams are headed.
Bolster's approach uses machine learning algorithms and AI techniques to track the broader internet, including URLs, domain registration databases, conversations on public and private forums and social media platforms, and emails (when working with clients), to detect fraud. It's a continuous operation. Once we identify suspicious links, we shut them down at the root with automated removal.
This approach is notable because it complements the myriad email security products currently on the market that organizations employ to filter emails that reach individuals' inboxes. This remains important as his one mechanism to thwart phishing activities. But if these malicious links get through the gate without any hindrance, the idea here is that if a person clicks on the link, they may not be able to get anywhere.
Given that the broader funnel of email is extremely complex to contain, and hackers themselves are difficult to detect, identifying and shutting down the source of their activity is extremely valuable. This is one of the reasons Microsoft is investing.
“One of the benefits of Bolster is that we can automatically shut down the locations where these attacks occur, and where they are hosted,” said Todd Graham, Managing Partner at M12. said in an interview. “This is extremely important given the scale at which these criminal enterprises operate.” Prakash said Microsoft has not yet partnered directly with Bolster, but the investment signals future commitment. That's the idea.
Microsoft's interest is on several levels. The company is a major international brand in its own right, and operates a number of services that trigger emails to users (and I personally receive quite a few “account login” emails from Microsoft). (I can prove that it's a suspicious “Microsoft” link). In addition, the company provides cloud and managed and software services to a large number of enterprises, making it an important link to a large market of customers. Finally, as the company is making big moves to bring more AI into every aspect of its business, threat protection will inevitably have to be part of that equation.
Graham said that while the company is effectively just a B2B business, the CheckPhish tool also aims to scan websites rather than providing tools to individual users, but works with big brands by default. He added that the fact that they do so ultimately gives them a consumer-oriented perspective. It is intended to protect the customers of the business in question.
“If you're receiving a spoofed email claiming to be from Microsoft, but it's probably not, it's important to ensure that the email is detected if it's sent.” It’s in the best interest of Wells Fargo or any other company.”