A dubious email with a link that appears “legit” but is actually malicious continues to be one of the riskiest, yet most effective, strategies in a cybercriminal’s toolkit. Recently, Bolster, an AI startup that developed a unique method to combat that trick, raised $14 million in funding to expand its work. Its main paying clients are brands and other businesses, and it also operates the well-known free phish-checking portal CheckPhish.
Along with Thomvest Ventures, Crosslink Capital, Liberty Global Ventures, Cheyenne Ventures, Cervin Ventures, and Transform Capital, Microsoft’s venture fund M12 led the round as a new investor in the business. Despite not revealing its worth, Bolster has raised almost $40 million to date.
Bolster’s business strategy revolves around offering brand and URL checking services to companies that send out a lot of emails to their clients. These companies are therefore easy targets for malicious hackers who either copy their branding to sell their own products or impersonate them in an attempt to trick customers. (Notable companies like Dropbox, Uber, LinkedIn, and Coinbase are among its clientele.) The Cybersecurity Infrastructure Security Agency claims that over 90% of all “cyberattacks,” which could involve device viruses, network intrusions, or data breaches, begin with phishing.
It is now incredibly cheap and simple to build up suspiciously similar-looking domain pages for these companies and use them for nefarious phishing activities.
“You can buy tools for $10 or $20 to start phishing attacks,” Bolster CTO Shashi Prakash, who co-founded the business with CEO Abhishek Dubey, stated in a conversation. Since malevolent hackers are more proficient in the usage of AI, they can now craft plausible bank login screens and launch attacks “within minutes” by using phishing-as-a-service.
He claimed that over time, these had grown more advanced and focused. One such instance occurred recently when Mark Read, the CEO of WPP, became the target of a money-laundering scheme. When you read that out, it seems unlikely, and it was a failure, but it only illustrates the direction that these scams are taking.
In order to continuously identify scam operations, Bolster’s approach uses machine learning algorithms and artificial intelligence (AI) techniques to track the internet, including URLs, domain registration databases, conversations in open and closed forums and social media platforms, as well as emails (when working with a client). It uses automated takedowns to shut down dubious links at their source after identifying them.
The strategy is noteworthy because it works in tandem with the plethora of email security technologies currently available on the market, which are used by businesses to assist in filtering emails as they enter a user’s inbox: That’s still a crucial defense against phishing attempts. The idea here is that even if someone does click on a link, they might not get anywhere if those malicious links manage to get past the gates unhindered.
Since hackers can be difficult to locate and the wider funnel of email can be difficult to control, locating and stopping the source of their activities becomes extremely valuable.
According to Todd Graham, managing partner at M12, “one of the advantages that Bolster has is its ability to automatically shut down where these attacks are originating from, they can shut down where those are hosted.” “Considering the size at which these criminal enterprises operate, that is extremely important.” According to Prakash, Microsoft does not currently collaborate directly with Bolster, but this investment is meant to be an indication of how they might in the future.
Microsoft would be interested in this on two fronts: The corporation is a well-known global brand in and of itself, and it offers a variety of services that cause consumers to receive emails (I can personally speak to receiving far too many emails asking for an account login from dubious “Microsoft” URLs). Additionally, it serves as a cloud, managed, and software service provider for other companies, making it a crucial conduit to a vast pool of potential clients. Finally, it’s taking a significant step to integrate more AI into every facet of its operations, which means that threat protection will unavoidably need to be considered.
Even though the CheckPhish tool is designed to scan websites rather than provide tools to individual users, Graham noted that the company is essentially only a B2B enterprise. However, because it defaults to working with large brands, it has a consumer perspective because its ultimate goal is to protect the clients of the relevant business.
“It is in the best interest of Microsoft, Wells Fargo, or whoever, to make sure that the email, if it does go out, gets noticed if you are receiving an impersonated email that claims to be from Microsoft, but it probably isn’t.”