Boston University, Target and the New York Times have all been victims in the past year of targeted “phishing” attacks, in which hackers posing as employees’ contacts have gotten them to open emails and unwittingly share their credentials or infect their employers’ networks.
But a new, Boxboro-based startup and MassChallenge finalist is giving companies and their employees the tools to fight back.
Astra IDentity’s PhishingGuardian software uses patented technologies to combine big data processing and behavioral analytics to protect employees against emails that may be from imposters.
“A lot of people think a spam filter protects them from phishing attacks, but it only filters junk mail,” said Gagan Prakash, Astra IDentity’s founder and CEO. “It doesn’t detect imposters because the email looks like it’s from someone the recipient knows and trusts.”
A hacker targeting a certain company uses social networks and other Internet data to find employees with access to the company’s data or systems.
The hacker identifies other people the employees may know and then creates a fake but recognizable email address to impersonate a colleague or boss.
From that fake address, the hacker sends the employees a personalized email with a link or attachment. The email bypasses the spam filter and lands in the employees’ inboxes, where they open it because it looks like the “real deal,” Prakash said.
Then they click on the enclosed link, allowing the hacker to steal their credentials, or open an attachment, causing damaging software known as “malware” to infect the computer, smartphone or the company’s entire network.
“There’s a full-fledged black market for all this information the hacker steals because the money’s there,” Prakash said.
For $2 per person per month, Astra IDentity’s software guards against this by monitoring a company’s email traffic and building a “behavioral fingerprint” based on the communication patterns of employees and their contacts, such as whether the sender typically uses a computer, smartphone or tablet; where the sender’s emails originate geographically; and whether the sender’s emails usually contain typos.
PhishingGuardian then crunches all this data, comparing incoming emails to the fingerprint, and alerts employees or the company about emails from potential imposters.
Dale Johnson, a Woburn-based email and security consultant, began using the software last month, and it alerted him that someone was trying to get him to click on a link and log in to what turned out to be a fake bank.
“I have customers who need this product because right now, phishing is the biggest threat to businesses and their employees,” Johnson said. “If you can get into the right person’s computer, you can have access to a whole company. And that is the ultimate nightmare.”