- OnDOMAIN is a new service that aims to assist businesses in quickly shutting down bogus phishing websites.
- It was disclosed today in Red Sift’s $54 million Series B investment round.
- According to Proofpoint, 83 percent of businesses will experience a successful email-based phishing attack in 2021, up from 57 percent in 2020.
- Furthermore, Proofpoint data indicates that 77 percent of businesses were subjected to BEC attacks last year, up from 65 percent in 2020.
Despite security organizations’ best efforts and increased investment in cyber, phishing, and business email compromise (BEC), assaults are rising – and becoming more successful. According to Proofpoint, 83% of firms suffered a successful email-based phishing assault in 2021, a significant increase from 57% in 2020. And according to Proofpoint research, 77 percent of firms encountered BEC assaults last year, up from 65 percent in 2020.
However, reversing these trends requires more than simply teaching employees to avoid opening phishing emails. It’s a complicated issue with several facets to consider. According to Rahul Powar, it is virtually unheard of for a single organization to address the issue holistically – at least until now. Red Sift, co-founder and CEO, aims to be that unified organization, launching a domain protection solution today to complement its outgoing and incoming email security offerings.
“There are other suppliers that have alternative point solutions” in each of the three locations where Red Sift now works, Powar said in an interview. However, the fact is that these issues are inextricably linked. And if they are viewed as point solutions, you will always have an incomplete security offering.
Ultimately, consumers demand a “solution that assists you in identifying the full of your digital asset base,” as Red Sift specializes in doing with its technology for collecting and analyzing millions of data points every day. OnDOMAIN is a new tool that seeks to assist organizations in promptly shutting down fraudulent phishing websites. It was announced today in conjunction with Red Sift’s $54 million series B financing round. Highland Europe led the financing, including Sands Capital, Oxford Capital, and MMC Ventures. Since its inception in 2015, Red Sift has raised $69.8 million in investment.
Red Sift’s OnDOMAIN
OnDOMAIN, now in preview and is scheduled to become generally available in the second quarter — will join Red Sift’s existing solutions that secure outbound email (OnDMARC) and incoming email (OnINBOX). Powar explains that Red Sift is introducing the product to understand that protecting against phishing attempts is about more than email security — and is best addressed with a comprehensive solution.
According to Red Sift, OnDOMAIN monitors 150 million newly registered domains and subdomains daily and analyses intelligence from many data sources to verify a domain’s legitimacy. The software enables security teams to quickly shut down phishing sites with one-click takedown features, which the business stated is enabled by industry collaborations.
Along with fraudulent websites, OnDOMAIN will find unsafe domains that are legal yet previously undiscovered, according to Red Sift. According to the corporation, the solution’s features would enable clients to safeguard their brands and reputations against damage and misuse.
Even giant, intelligent corporations, Powar explained, have assets they are unaware of. They may have a solution that assists them in identifying and managing all their certificates and domains. Still, it is not connected with their email security posture in any meaningful way. As a result, things fall between the gaps.
Put an end to impersonating.
OnDMARC enables businesses to install DMARC (Domain-based Message Authentication, Reporting, and Conformance) more quickly. DMARC is an email authentication, policy, and reporting standard. They implemented the protocol to prevent email impersonation by assuring that only authorized senders may use a specific domain in the “from” field of an email message.
While the DMARC protocol was released in 2015, according to Valimail statistics, just 22% of prominent retailers, 30% of Fortune 500 domains, and 36% of significant banks have achieved “complete DMARC enforcement” at this time. According to Powar, the low acceptance rate is that DMARC has historically been an excellent consultation effort. It’s been a challenging endeavor to complete.
By automating the DMARC implementation process, Red Sift’s OnDMARC software intends to simplify the process significantly. OnDMARC assists firms in implementing DMARC – a technology that is unique in its capacity to secure enterprises across their supply chain and network, according to Powar.
He stated as follows: When you implement DMARC, you communicate to the world how they, as recipients, may verify that the email originated from infrastructure that you have allowed. By default, plain vanilla email does not provide this. As a result, you’re vulnerable to sophisticated supply chain assaults, customer phishing, and invoicing fraud against your supply chain.
DMARC can help with a lot of stuff for domains that a business controls and owns — since it enables recipients to determine and verify that the email came from the organization, Powar explained. Meanwhile, OnINBOX leverages artificial intelligence (AI) and machine learning (ML) — as well as a thorough understanding of the signs that indicate a malicious email — to deliver an algorithmic judgment of whether or not it is safe to engage with an email, he added. Powar stated that the method is intended to complement widely deployed current email security technologies rather than replace them.
Attraction of customers
Red Sift has grown to over 700 customers and plans to treble that number by the end of 2022 with the additional capital, he added. Domino’s Pizza, ZoomInfo, PageGroup, Wise, Telefónica, and Rentokil Initial plc are among the company’s customers. Powar said the company’s sales doubled in 2021 and is projected to do so again this year.
Additionally, he added, Red Sift plans to quadruple its current team of 80 by the end of this year with the help of the additional funds. As part of its development this year, the London-based business wants to build a US office in Austin, Texas, Powar added.
Powar co-founded Red Sift with CTO Randal Pinto, another Shazam employee who served as the company’s head of program management until 2011. Powar created Apsmart in 2008 and served as its CEO until Thomson Reuters bought it in 2012. Pinto also worked at Apsmart as the head of professional services, and he and Powar each spent three years at Thomson Reuters before launching Red Sift in 2015.
This year’s primary focus will be on market expansion for the OnDOMAIN solution, Powar explained. He stated that with OnDOMAIN, they take their authentication expertise and machine learning models included within OnINBOX and apply them to the whole internet. Thus, they watch freshly detected domains, websites that are spinning up in real-time, looking for fraud and brand infringement in those assets – allowing them to spot phishing attempts even before they debut. As a result, it fits pretty neatly into the OnDMARC use case.
As another example, Powar stated that OnDOMAIN might monitor critical suppliers. He explained the individuals with whom your HR staff contacts may be identified and monitored in OnINBOX and OnDOMAIN.
The other significant issue that OnDOMAIN addresses are assisting enterprises in defining their boundary, Powar explained. If you’re a substantial financial services business, you probably have no idea how many online assets you hold. As a result, he continued, it’s pretty difficult to bring them under control. OnDOMAIN also assists in identifying all of those items as part of its overall internet scanning. Overall, Red Sift differentiates itself by addressing some of the most challenging security concerns, Powar added. He stated that they offer automated, user-centric cybersecurity solutions for various difficult-to-solve issues. It’s convoluted. And they are doing it on a large scale.