HelpSystems Goes Phishing For Cyber Threat Hunter
October 25, 2021 Alex Woodie
HelpSystems dipped into the security pond again with its acquisition last week of PhishLabs, a Canadian company that develops technology designed to protect organizations from various Internet-based threats, including malicious emails, account takeover, and data leakage. As is the case with most of HelpSystems’ acquisitions, its IBM i customer are expected to be among the beneficiaries.
For over a decade, PhishLabs has been developing a security platform designed to find and identify and counteract threats to customers. As its name suggests, the company got its start with identifying phishing attacks. Its founder and chief technology officer, John LaCour, grew frustrated with the endless game of “whack-a-mole” that he decided to take a more in-depth approach to rooting out the scourge.
But as the security threat landscape has evolved, so too has the company’s offerings. Today, the PhishLabs Platform uses a combination of Web crawlers, machine learning technology, and visualization tools to help companies prevent themselves from falling victim to the world’s growing legion of cyber criminals, digital thieves, and Internet-based scam artists.
Through its PhishLabs Platform, the company monitors “thousands of social media sources and ingest data from hundreds of public and private data feeds,” it says on its website. “We also integrate data from client-specific sources such as referrer logs and any third party feeds,” including security information and event management systems (SIEMs), security orchestration, automation, and response products (SOARs), threat intelligence platforms (TIPs), and intrusion detection and preventing systems (IDPS).
PhishLabs Platform then brings proprietary algorithms and advanced analytics to bear on the data. If a real threat is identified (as opposed to a false positive, which the company notes are more prevalent than true positives) the platform gives operators mitigation measures, such as kill switches, “takedown APIs,” “fastlanes,” and browser-blocking tools to neutralize the threat.
PhishLabs aims to protect customers from various threats, including account credential theft and takeover scams, social media attacks, business email compromise (BEC), and “vishing,” which involves the use of phone calls and voice mail to induce individuals to reveal personal information, among others.
“Different threats demand different approaches,” the company says. “For example, look-alike domains and fake social accounts are two very different problems that require distinct collection, curation, and mitigation. Using the same technology and operations for both leads to neither being addressed well.”
HelpSystems was impressed enough with the Mississauga, Ontario-based company make it its sixth acquisition of the year last week. According to HelpSystems chief executive officer Kate Bolseth, PhishLabs will help prevent blind spots from developing at companies while they are modernizing their applications.
“Digital transformation has made it critical for security teams to have visibility across the digital landscape and to quickly respond to both internal and external threats,” Bolseth says in a statement announcing the deal. “PhishLabs’ ongoing intelligence collection, curation, and threat mitigation safeguards organizations’ critical digital assets and provides peace of mind for customers across the globe.”
PhishLabs adds to HelpSystems’ growing portfolio of security-based companies that it has acquired over the last several years. In May, it acquired two Northern California security firms, including Beyond Security, which specializes in developing tools for automatically scanning complex networks and applications for security vulnerabilities, and Agari, which specializes in protecting companies against email-based threats, including phishing and BEC scams.
The acquisition of PhishLabs is the 11th straight security-related acquisition of the past three years. Starting with its acquisition of Core Security in February 2019, HelpSystems nabbed a string of security firms, including Clearswift (December 2019), Strategic Cyber (March 2020), TITUS (June 2020, Boldon James (June 2020), Vera (December 2020), File Catalyst (January 2021), and Digital Defense (February 2020), before acquiring Beyond Security and Agari earlier this year.
Tony Prince, chief executive officer of PhishLabs, says he’s looking forward to working with the large pool of security expertise that HelpSystems has accumulated over the years. “Our combined resources and expertise put us in a strong position to partner more strategically with our clients and help their security teams thrive as the threat landscape evolves,” Prince states in the press release.