In spite of spirited efforts from email providers, browser developers, and security firms, phishing continues to be a major nuisance. There are already repositories like Phishtank that rely on crowdsourcing to identify phishing campaigns. However, crowdsourcing is not nearly nimble enough to tackle phishing scams that often require just a few hours to cause the intended damage.
Now, a new Cisco spinoff called Agari is trying to tackle the problem by combining multiple sophisticated approaches including authentication of the sender, message analysis, and end-to-end email channel visibility. Google, Microsoft, Yahoo, and AOL, who are amongst the biggest email providers, have joined hands to provide metadata about emails passing through their networks to Agari, which uses its cloud infrastructure to analyze more than 1.5 billion messages every day. It doesn’t receive the actual messages, but might receive suspicious links contained in the message along with miscellaneous metadata. Agari, which is launching today, has Facebook and some of the largest financial institutions, social networks, and ecommerce companies as its customers. Besides the aforementioned four email giants, file sharing website YouSendIt, social network LinkedIn, and Cisco are also part of its trust fabric network.
“Facebook can go into the Agari console and see charts and graphs of all the activity going on in their e-mail channel (on their domains and third-party solutions) and see when an attack is going on in a bar chart of spam hitting Yahoo,” for instance, Daniel Raskin, vice president of marketing for Agari, explained to CNET. “They receive a real-time alert and they can construct a policy to push out to carriers (that says) when you see this thing happening don’t deliver it, reject it.”
Agari, which had been operating in stealth mode for the past couple of years, protects 50 percent of U.S. consumer e-mail traffic and more than one billion individual mailboxes. During its stealth phase, it rejected more than one billion messages across its email partners. Agari believes that by having end-to-end visibility over most messages it can rapidly react and stop phishing campaigns in their tracks.