DMR News

Advancing Digital Conversations

Bolster, maker of CheckPhish, raises $14M led by Microsoft’s M12.

ByYasmeeta Oon

May 25, 2024

Bolster, maker of CheckPhish, raises $14M led by Microsoft’s M12.

A deceptive email containing a seemingly legitimate link, which is actually malicious, remains one of the most dangerous and successful tricks in a cybercriminal’s arsenal. An AI startup named Bolster, which has developed an innovative approach to combat this threat, has raised $14 million in funding to expand its efforts. This expansion includes enhancing its popular free phish-checking portal, aptly named CheckPhish, and serving its primary paying customers: brands and other businesses.

Bolster’s recent funding round was led by Microsoft’s venture fund, M12, marking their first investment in the company. Other participants included Thomvest Ventures, Crosslink Capital, Liberty Global Ventures, Cheyenne Ventures, Cervin Ventures, and Transform Capital. While Bolster has not disclosed its valuation, the company has now raised approximately $40 million in total.

InvestorInvestment Round
Microsoft’s M12Lead Investor
Thomvest VenturesParticipating
Crosslink CapitalParticipating
Liberty Global VenturesParticipating
Cheyenne VenturesParticipating
Cervin VenturesParticipating
Transform CapitalParticipating

Bolster’s business model revolves around providing brand and URL checking services to businesses that frequently email their customers, making them prime targets for malicious hackers. These hackers imitate legitimate businesses to trick people or replicate branding to sell their own products. Bolster’s client list includes notable names such as Dropbox, Uber, LinkedIn, and Coinbase.

According to the Cybersecurity and Infrastructure Security Agency (CISA), phishing is the starting point for more than 90% of all cyberattacks. These attacks can lead to data breaches, network infiltrations, or device infections. The ability to set up suspiciously similar domain pages for companies and use them to conduct phishing activities has become both cheap and easy.

  • Phishing attacks start over 90% of cyberattacks
  • Tools to launch phishing attacks can cost as little as $10 to $20
  • Bolster’s technology aims to identify and shut down these malicious operations

“There are tools that you can purchase for $10 or $20 to launch phishing attacks,” said Bolster CTO Shashi Prakash, who co-founded the company with CEO Abhishek Dubey. He explained that malicious hackers, now well-versed in using AI, create realistic login pages for banks and use phishing-as-a-service to launch these attacks “within minutes.”

Over time, these attacks have become more sophisticated and targeted. One recent example involved the CEO of WPP, Mark Read, who was at the center of a scam attempting to solicit money. While the scam was ultimately unsuccessful, it highlights the evolving nature of these threats.

Bolster employs machine learning algorithms and AI techniques to monitor the wider internet, including URLs, domain registration databases, open and closed forums, social media platforms, and emails when working with clients. This continuous monitoring helps detect scam operations, which Bolster then shuts down at their root through automated takedowns.

  • Continuous monitoring of the internet
  • Detection of scam operations using AI
  • Automated takedowns of malicious links

This approach complements the myriad email security products available today, which organizations use to filter emails as they enter inboxes. While email filtering remains crucial, Bolster’s technology ensures that if a malicious link bypasses these filters and a person clicks on it, they might not get anywhere because the link has been disabled.

Given the complexity of managing the email funnel and the difficulty in tracking hackers, identifying and shutting down the root of these operations is highly valuable. “One of the advantages that Bolster has is its ability to automatically shut down where these attacks are originating from,” said Todd Graham, managing partner at M12. “They can shut down where those are hosted. That is really, really important, given the scale at which these criminal enterprises operate.”

While Microsoft does not currently work directly with Bolster, Prakash indicated that this investment signals potential future collaboration. Microsoft’s interest in Bolster operates on several levels. As a major international brand, Microsoft sends numerous service-triggered emails to users, making it a prime target for phishing attempts. Additionally, Microsoft provides cloud and software services to many businesses, presenting a significant market of potential customers for Bolster.

Furthermore, Microsoft is integrating more AI into its business operations, making threat protection an essential component. Graham noted that while Bolster primarily operates as a B2B business, even the CheckPhish tool aimed at scanning websites, not individual users, its collaboration with big brands indirectly protects consumers.

  • Microsoft’s investment signals future collaboration potential
  • Microsoft’s extensive service email triggers make it a phishing target
  • Microsoft’s AI integration makes threat protection crucial

“If you are getting an impersonated email that claims to be from Microsoft, but it probably isn’t, it’s in the best interest of Microsoft or Wells Fargo or whoever to ensure that email, if it does go out, gets detected,” Graham said.

Bolster’s efforts extend beyond individual business protection. By partnering with major brands and utilizing advanced AI technologies, the company aims to make a significant dent in the prevalence of phishing attacks, ultimately safeguarding consumers from falling victim to these scams. As cybercriminals continue to evolve their tactics, the role of companies like Bolster in the cybersecurity landscape becomes increasingly vital.

With the new funding, Bolster is well-positioned to expand its capabilities and further its mission to protect businesses and their customers from the ever-present threat of phishing attacks. This investment underscores the importance of innovative cybersecurity solutions in an era where digital threats are constantly evolving.

Related News:

Featured Image courtesy of MIT News

Yasmeeta Oon

Just a girl trying to break into the world of journalism, constantly on the hunt for the next big story to share.

Leave a Reply

Your email address will not be published. Required fields are marked *