In small print, it’s nearly impossible to discern that the “e” in the sender’s google.com domain is not the Latin “e” used to write English, but rather the nearly identical-looking Cyrillic “e” used in Russian and other Slavic languages.   

As a result, the fake security alert about the recipient’s linked Google account looks legitimate enough to inspire a click – even by someone reasonably well trained in avoiding phishing scams.

The notion that training alone is increasingly not enough to protect organizations is at the core of Inky Phish Fence, an Office 365 add-in or Chrome extension for G Suite that uses machine learning technology to instantly analyze emails for subtle discrepancies and other signs that could signal phishing.

“Training is predicated on the idea that the human user is going to catch stuff,” said David Baggett, founder and CEO of Inky, maker of Inky Phish Fence. “Instead of a human, you have to have a computer to catch it; you have to have a program do it.

“Inky is the first program that we know of that does that.”

Often the first step of lucrative malware attacks, phishing is quickly becoming a very intricate affair.

“We’re seeing phishing attacks that are really resistant to training,” he said.

He pointed to cases of phishing attacks even less “sophisticated” than the Cyrillic “e” example above.

In the small print of an email graphic, cybercriminals artfully substitute “cl” for “d.”

In another scam, the “m” in “bankofamerica.com” was mimicked by using the letters “rn.”

“Training isn’t going to help you spot this,” Baggett said. “It’s virtually invisible.”
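The three substitutions described above (a Cyrillic “e”, “cl” for “d”, “rn” for “m”) are the kind of thing a program can check mechanically. The following Python sketch is an added example, not Inky's code or method: it folds a sender domain to a "skeleton" and compares it against a list of domains the organization wants protected. The confusables table, the `docs.example` domain and all function names are assumptions constructed for illustration.

```python
import unicodedata

# Small constructed table (Cyrillic letter -> Latin lookalike). A production
# check would use the full Unicode confusables data (UTS #39) instead.
CONFUSABLES = {"\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p",
               "\u0441": "c", "\u0443": "y", "\u0445": "x", "\u0456": "i"}
DIGRAPHS = {"rn": "m", "cl": "d"}  # letter pairs that read as one letter

def to_unicode(domain):
    """Normalize case and decode punycode (xn--) labels when present."""
    domain = domain.strip().rstrip(".").lower()
    try:
        return domain.encode("ascii").decode("idna")
    except UnicodeError:
        return domain  # already Unicode, or not valid punycode

def scripts(label):
    """Set of script names (LATIN, CYRILLIC, ...) used by letters in a label."""
    return {unicodedata.name(ch, "UNKNOWN").split()[0]
            for ch in label if ch.isalpha()}

def skeleton(domain):
    """Fold lookalike characters and digraphs to one canonical form."""
    folded = "".join(CONFUSABLES.get(ch, ch) for ch in domain)
    for pair, single in DIGRAPHS.items():
        folded = folded.replace(pair, single)
    return folded

def check_sender(domain, protected):
    """Return a list of findings; an empty list means nothing suspicious."""
    name = to_unicode(domain)
    if name in protected:
        return []  # the genuine domain
    findings = []
    for label in name.split("."):
        found = scripts(label)
        if len(found) > 1:
            findings.append(f"mixed scripts in {label!r}: {sorted(found)}")
    for good in protected:
        if skeleton(name) == skeleton(good):
            findings.append(f"lookalike of {good}")
    return findings

# Constructed protected list; docs.example is a placeholder domain.
PROTECTED = ["google.com", "bankofamerica.com", "docs.example"]
```

Both sides of the comparison are folded, so a protected domain that legitimately contains “rn” or “cl” still matches itself and only near-identical spellings are flagged.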

To be clear, Inky strongly encourages training and has plans to add disruptively priced phishing training to its own product offerings.

But the artificial intelligence technology is showing tremendous promise as a way to seal up gaps in an organization’s anti-phishing regimen, according to the CEO.

The add-in deploys in literally five minutes, he said.

“We provide them with a URL that points to a manifest which tells Outlook (or G Suite) where to find our code,” Baggett said. “Outlook grabs our code, sticks it in there and gives us the Inky Octopus icon (showing the program is installed).”

And though the technology inspects every email, most customers employ a largely unintrusive version of the service where email data never leaves the premises.

“This looks different because it’s running inside of (Microsoft) Outlook,” Baggett explained. “Normally, these run as a gateway server and decide whether to ‘black hole’ it or deliver it.”

“In the gateway solution, all the mail runs through your provider,” he went on. “Here, we’re running code inside of Outlook and it’s sandboxed, so we’re very restricted in what we can do.

“We’re not sending the mail to our servers.”

Inky has chosen the channel as its go-to-market strategy and is looking for providers of managed IT services to partner with.

Cost for the tool is $3.50 per user, per month – with a small premium for a white label option.

“We’re sharing margins aggressively with channel partners,” Baggett said. “This is a good way to earn additional money selling Office 365; they can use this to differentiate themselves.”

Visit the company website for a free trial of Inky Phish Fence.

 
