Inky, a cybersecurity company developing products designed to protect against phishing, today announced it raised $20 million. The startup says it’ll use the infusion to accelerate enterprise adoption, global expansion, and R&D. In conjunction with this, Inky intends to expand its geographic footprint across Europe, Asia, and Latin America through a strategic buildout of its channel and partner programs.
Malware is a significant threat to organizations, with the cost of an attack averaging around $2.4 million, and two-thirds of all malware infections begin with an email attachment. Phishing emails are the primary delivery mechanism for it. Over 30% of phishing emails are opened by their recipient, and 12% of users either click on a malicious link or open a malicious attachment within the email, potentially infecting their computer — and the network — with malware.
Inky’s Phish Fence platform, which runs on a cloud installation and works with G Suite, Office 365, and Exchange, ostensibly shields against this through a combination of AI and million of lines of code. It comprehends emails and searches for signs of fraud, leveraging computer vision and machine learning to detect imposters from pixels. Using over two dozen image and text classifier models, Phish Fence isolates text, type, character, and image anomalies (including in domain names and text-only designs without real logo images), placing banners directly in emails to offer guidance and providing visibility and threat tracking via a backend dashboard.
Phish Fence’s brand forgery detection technology spots logos within emails and determines those emails’ origin points. Broadly speaking, with natural language processing, the platform develops social profiles and graphs that identify suspicious behavior and identities. It also analyzes email header information to create a model of common contents (like wire or invoice payment requests and password-related emails) against which it compares future emails to suss out domain spoofing, and it uses signature types like DKIM, DMARC, SPF, and Sender ID to verify that emails actually originate at the alleged sender’s domain
When Phish Fence sees an email from a sender that doesn’t match a known profile, it sends an impersonation warning, which customers like Kaizen Approach, Directed, Catholic Charities, Collibra, and the Baltimore Symphony Orchestra can report from any platform, including from the web, a phone, or email clients. Beyond the messaging vector, Phish Fence can detect zero-day phishing attacks in Microsoft Office macros, which malicious actors sometimes use to install malware on machines. And it’s able to spot embedding links to harmful websites within documents as well as PDFs carrying destructive payloads and code containing scripts.
Inky, which was founded by Dave Baggett — the cofounder of airfare search company ITA Software, which Google acquired in 2011 for $730 million and whose technology now powers Google Flights — is well-capitalized with this latest raise, a series B. Led by Insight Partners, it brings the College Park, Maryland-based company’s total raised to over $31.8 million.
The global anti-counterfeit technologies market is anticipated to be worth $104 billion by the end of 2024, and Inky is far from the only startup gunning for a slice of it. One rival is Spain-based Red Points, which raised $38 million in April to further develop its tools to fight counterfeiting and piracy. Another is 3PM Marketplace Solutions, a Chicago-based company that’s worked with clients like HBO to spot counterfeit products. There’s also RedMarlin, which raised $10 million to fight counterfeiting with its AI-powered platform.