Area 1 Security, a cybersecurity company offering AI-driven protection against phishing attacks, has raised a $25 million round. A spokesperson said the funding will accelerate R&D and the expansion of Area 1’s go-to-market resources, with a particular focus on an “aggressive multi-tier channel strategy.” This comes after a sixth-month period when the startup claims to have saved $273 million in active financial cyber fraud and blocked millions of phishing attempts.
According to Verizon’s 2019 Data Breach Investigations Report, nearly one-third of all data breaches involved phishing in one way or another. That’s likely because users have a tendency to fall for such attacks. KnowBe4 reports that 38% of employees who don’t undergo cyber awareness training fail phishing tests. Problematically, the pandemic appears to have worsened the onslaught, with companies like Google suggesting millions of COVID-19-related phishing scams are being perpetrated daily.
Area 1 has an interesting history. The company was incorporated in 2013 by Oren Falkowitz, Blake Darché, and Phil Syme, who were formerly employed by the U.S. National Security Agency (NSA). In December 2018, Area 1 revealed a Chinese government cyber campaign targeting over 100 intergovernmental organizations, ministries of foreign affairs, ministries of finance, trade unions, and think tanks that led to the breach of a European Union (EU) diplomatic communications network. In January 2020, the company uncovered a Russian government phishing campaign targeting Burisma Holdings and its subsidiaries — the scandal-tied Ukrainian firm that hired former Vice President Joe Biden’s son Hunter Biden.
Area 1’s technology attempts to prevent phishing across email, social, web, and network vectors by integrating with cloud suites within less than a day. It operates on a unique pay-per-phish model — customers only pay for attempts it catches — and it ostensibly identifies and stops phishing attempts up to 24 days before they actually occur.
The company’s cloud-based Horizon software detects and halts a range of phishing attacks, including those carrying ransomware and malware payloads. A business email compromise filter provides a measure of protection for the C-Suite, while anti-web-phishing measures — including page blocks and real-time notifications — inform administrators of thwarted campaigns.
Horizon, which employs a distributed, recursive domain name service (DNS) for monitoring and detection, also protects mobile and roaming users from phishing attempts. (In a survey from Wandera, over half of all organizations said they had experienced at least one mobile phishing incident last year.) Via integrations on network edge devices, it enhances defenses with preemptive actions using dynamic web crawling, instant link crawls, in-the-wild sandboxing, user impersonation, computer vision, and other techniques.
Under the hood, Horizon leverages declarative rules, supervised and unsupervised machine learning models, and lexical pattern assessments for attack correlation and emergent campaign identification focused on small pattern analytics. Over 100 models in total continuously learn, score, and self-improve, taking into account variables like message bodies, network traffic, headers, attachments, payloads, and natural language. Sensors discover potential campaign infrastructure and aggregate attack data from relay points that actors use to launch their campaigns. Area 1 says it crawls over 6 billion pages and 220 million top-level domains every few weeks to find telltale patterns. It then stores this information in a 6-petabyte data warehouse of attack events, records, and more than 250 billion attack metadata records.
The Redwood, City-based company asserts this comprehensive automated approach to phishing threat prevention sets it apart from rivals like Inky, Vailmail, and Vade, among others. Area 1 claims to have stopped 42 million phishing attempts and processed more than 5 billion emails and 6 billion DNS requests last year alone.
ForgePoint Capital led the latest investment in Area 1, along with current investors Kleiner Perkins, Icon Ventures, and Top Tier Capital. This brings the company’s total raised to over $80 million, following a $32 million series C in October 2018.
As part of the round, ForgePoint Capital cofounder and managing director Alberto Yepez will join Area 1’s board of directors. Patrick Sweeney, former CEO of Talari Networks (which Oracle acquired in 2019), was also appointed to serve as Area 1’s CEO.