Area 1 Security, a cybersecurity company offering AI-driven protections against phishing attacks, today announced it raised $ 25 million. A spokesperson said the funding will accelerate R&D and the expansion of Area 1’s go-to-market resources with a particular focus on an “aggressive multi-tier channel strategy,” after a sixth-month period during which the startup claims to have prevented $ 273 million in active financial cyber fraud and blocked millions of phishing attempts.
According to Verizon’s 2019 Data Breach Investigations Report, nearly one-third of all data breaches involved phishing in one way or another. That’s likely because users have a tendency to fall for attacks, studies show — KnowBe4 reports that 38% of employees who don’t undergo cyber awareness training fail phishing tests. Problematically, the pandemic appears to have worsened the onslaught, with companies like Google suggesting millions of COVID-19-related phishing scams are being perpetrated daily.
Area 1 has an interesting history. The company was incorporated in 2013 by Oren Falkowitz, Blake Darché, and Phil Syme, all of whom were formerly employed by the U.S. National Security Agency (NSA). In December 2018, Area 1 revealed a Chinese government cyber campaign targeting over 100 intergovernmental organizations, ministries of foreign affairs, ministries of finance, trade unions, and think tanks that ultimately led to the breach of a European Union (EU) diplomatic communications network. And in January 2020, the company uncovered a Rusian government phishing campaign targeting Burisma Holdings and its subsidiaries, the scandal-tied Ukraine firm that hired Hunter Biden, the son of former Vice President Joe Biden.
Area 1’s technology attempts to prevent phishing across email, social, web, and network vectors by integrating with cloud suites within less than a day. It operates on a unique pay-per-phish model — customers only pay for attempts it catches — and it ostensibly identifies and stops phishing up to 24 hours before it actually occurs.
Area 1’s cloud-based Horizon software detects and halts a range of phishing attacks including those carying ransomware and malware payloads. A business email compromise filter provides a measure of protectino for the C-Suite, while anti-web-phishing measures including page blocks and real-time notifications inform administrators of thwarted campaigns.
Horizon, which employs a distributed, recursive domain name service (DNS) for monitoring and detection, also protects mobile and roaming users from phishing attempts. (In a survey from Wandera, over half of all organizations said they’d experienced at least one mobile phishing incident last year.) Via integrations on network edge devices, it enhances defenses with preemptive actions using dynamic web crawling, instant link crawls, in-the-wild sandboxing, user impersonation, computer vision, and other techniques.
Under the hood, Horizon leverages declarative rules, supervised and unsupervised machine learning models, and lexical pattern assessments for attack correlation and emergent campaign identification that focus on small pattern analytics. Over 100 models in total continuously learn, score, and self-improve, taking into account variables like message bodies, network traffic, headers, attachments, payloads, and natural language. Sensors discover potential campaign infrastructure and aggregate attack data from relay points actors use to launch their campaigns; Area 1 says it crawls over 6 billion pages and 220 million top-level domains every few weeks to find tell-tale patterns it then stores in a 6-petabyte data warehouse of attack events, records, and more than 250 billion attack metadata records.
It’s Area 1’s assertion that this comprehensive automated approach to phishing threat prevention sets it apart from rivals like Inky, Vailmail, and Vade, among others. Last year, Area 1 claims to have stopped 42 million phishing attempts and processed more than 5 billion emails and 6 billion DNS requests.
ForgePoint Capital led this latest investment in Redwood, City-based Area 1, along with current investors Kleiner Perkins, Icon Ventures, and Top Tier Capital. It brings the company’s total raised to over $ 80 million following a $ 32 million series C in October 2018.
As a part of it, ForgePoint Capital cofounder and managing director Alberto Yepez will join Area 1’s board of directors. In addition, Patrick Sweeney, former CEO of Talari Networks (which Oracle acquired in 2019), was appointed as Area 1’s CEO.