Federal Bureau of Investigation

Auto Added by WPeMatico

Fraud prevention platform Sift raises $50M at over $1B valuation, eyes acquisitions

With the increase of digital transacting over the past year, cybercriminals have been having a field day.

In 2020, complaints of suspected internet crime surged by 61%, to 791,790, according to the FBI’s 2020 Internet Crime Report. Those crimes — ranging from personal and corporate data breaches to credit card fraud, phishing and identity theft — cost victims more than $4.2 billion.

For companies like Sift — which aims to predict and prevent fraud online even more quickly than cybercriminals adopt new tactics — that increase in crime also led to an increase in business.

Last year, the San Francisco-based company assessed risk on more than $250 billion in transactions, double from what it did in 2019. The company has over several hundred customers, including Twitter, Airbnb, Twilio, DoorDash, Wayfair and McDonald’s, as well a global data network of 70 billion events per month.

To meet the surge in demand, Sift said today it has raised $50 million in a funding round that values the company at over $1 billion. Insight Partners led the financing, which included participation from Union Square Ventures and Stripes.

While the company would not reveal hard revenue figures, President and CEO Marc Olesen said that business has tripled since he joined the company in June 2018. Sift was founded out of Y Combinator in 2011, and has raised a total of $157 million over its lifetime.

The company’s “Digital Trust & Safety” platform aims to help merchants not only fight all types of internet fraud and abuse, but to also “reduce friction” for legitimate customers. There’s a fine line apparently between looking out for a merchant and upsetting a customer who is legitimately trying to conduct a transaction.

Sift uses machine learning and artificial intelligence to automatically surmise whether an attempted transaction or interaction with a business online is authentic or potentially problematic.

Image Credits: Sift

One of the things the company has discovered is that fraudsters are often not working alone.

“Fraud vectors are no longer siloed. They are highly innovative and often working in concert,” Olesen said. “We’ve uncovered a number of fraud rings.”

Olesen shared a couple of examples of how the company thwarted fraud incidents last year. One recently involved money laundering through donation sites where fraudsters tested stolen debit and credit cards through fake donation sites at guest checkout.

“By making small donations to themselves, they laundered that money and at the same tested the validity of the stolen cards so they could use it on another site with significantly higher purchases,” he said. 

In another case, the company uncovered fraudsters using Telegram, a social media site, to make services available, such as food delivery, with stolen credentials.

The data that Sift has accumulated since its inception helps the company “act as the central nervous system for fraud teams.” Sift says that its models become more intelligent with every customer that it integrates.

Insight Partners Managing Director Jeff Lieberman, who is a Sift board member, said his firm initially invested in Sift in 2016 because even at that time, it was clear that online fraud was “rapidly growing.” It was growing not just in dollar amounts, he said, but in the number of methods cybercriminals used to steal from consumers and businesses.

Sift has a novel approach to fighting fraud that combines massive data sets with machine learning, and it has a track record of proving its value for hundreds of online businesses,” he wrote via email.

When Olesen and the Sift team started the recent process of fundraising, Insight actually approached them before they started talking to outside investors “because both the product and business fundamentals are so strong, and the growth opportunity is massive,” Lieberman added.

“With more businesses heavily investing in online channels, nearly every one of them needs a solution that can intelligently weed out fraud while ensuring a seamless experience for the 99% of transactions or actions that are legitimate,” he wrote. 

The company plans to use its new capital primarily to expand its product portfolio and to scale its product, engineering and sales teams.

Sift also recently tapped Eu-Gene Sung — who has worked in financial leadership roles at Integral Ad Science, BSE Global and McCann — to serve as its CFO.

As to whether or not that meant an IPO is in Sift’s future, Olesen said that Sung’s experience of taking companies through a growth phase such as what Sift is experiencing would be valuable. The company is also for the first time looking to potentially do some M&A.

“When we think about expanding our portfolio, it’s really a buy/build partner approach,” Olesen said.

Powered by WPeMatico

Cybereason raises $200 million for its enterprise security platform

Cybereason, which uses machine learning to increase the number of endpoints a single analyst can manage across a network of distributed resources, has raised $200 million in new financing from SoftBank Group and its affiliates. 

It’s a sign of the belief that SoftBank has in the technology, since the Japanese investment firm is basically doubling down on commitments it made to the Boston-based company four years ago.

The company first came to our attention five years ago when it raised a $25 million financing from investors, including CRV, Spark Capital and Lockheed Martin.

Cybereason’s technology processes and analyzes data in real time across an organization’s daily operations and relationships. It looks for anomalies in behavior across nodes on networks and uses those anomalies to flag suspicious activity.

The company also provides reporting tools to inform customers of the root cause, the timeline, the person involved in the breach or breaches, which tools they use and what information was being disseminated within and outside of the organization.

For co-founder Lior Div, Cybereason’s work is the continuation of the six years of training and service he spent working with the Israeli army’s 8200 Unit, the military incubator for half of the security startups pitching their wares today. After his time in the military, Div worked for the Israeli government as a private contractor reverse-engineering hacking operations.

Over the last two years, Cybereason has expanded the scope of its service to a network that spans 6 million endpoints tracked by 500 employees, with offices in Boston, Tel Aviv, Tokyo and London.

“Cybereason’s big data analytics approach to mitigating cyber risk has fueled explosive expansion at the leading edge of the EDR domain, disrupting the EPP market. We are leading the wave, becoming the world’s most reliable and effective endpoint prevention and detection solution because of our technology, our people and our partners,” said Div, in a statement. “We help all security teams prevent more attacks, sooner, in ways that enable understanding and taking decisive action faster.”

The company said it will use the new funding to accelerate its sales and marketing efforts across all geographies and push further ahead with research and development to make more of its security operations autonomous.

“Today, there is a shortage of more than three million level 1-3 analysts,” said Yonatan Striem-Amit, chief technology officer and co-founder, Cybereason, in a statement. “The new autonomous SOC enables SOC teams of the future to harness technology where manual work is being relied on today and it will elevate  L1 analysts to spend time on higher value tasks and accelerate the advanced analysis L3 analysts do.”

Most recently the company was behind the discovery of Operation SoftCell, the largest nation-state cyber espionage attack on telecommunications companies. 

That attack, which was either conducted by Chinese-backed actors or made to look like it was conducted by Chinese-backed actors, according to Cybereason, targeted a select group of users in an effort to acquire cell phone records.

As we wrote at the time:

… hackers have systematically broken in to more than 10 cell networks around the world to date over the past seven years to obtain massive amounts of call records — including times and dates of calls, and their cell-based locations — on at least 20 individuals.

Researchers at Boston-based Cybereason, who discovered the operation and shared their findings with TechCrunch, said the hackers could track the physical location of any customer of the hacked telcos — including spies and politicians — using the call records.

Lior Div, Cybereason’s co-founder and chief executive, told TechCrunch it’s “massive-scale” espionage.

Call detail records — or CDRs — are the crown jewels of any intelligence agency’s collection efforts. These call records are highly detailed metadata logs generated by a phone provider to connect calls and messages from one person to another. Although they don’t include the recordings of calls or the contents of messages, they can offer detailed insight into a person’s life. The National Security Agency  has for years controversially collected the call records of Americans from cell providers like AT&T and Verizon (which owns TechCrunch), despite the questionable legality.

It’s not the first time that Cybereason has uncovered major security threats.

Back when it had just raised capital from CRV and Spark, Cybereason’s chief executive was touting its work with a defense contractor who’d been hacked. Again, the suspected culprit was the Chinese government.

As we reported, during one of the early product demos for a private defense contractor, Cybereason identified a full-blown attack by the Chinese — 10,000 thousand usernames and passwords were leaked, and the attackers had access to nearly half of the organization on a daily basis.

The security breach was too sensitive to be shared with the press, but Div says that the FBI was involved and that the company had no indication that they were being hacked until Cybereason detected it.

Powered by WPeMatico

United Airlines CISO Emily Heath joins TC Sessions: Enterprise this September

In an era of massive data breaches, most recently the Capital One fiasco, the risk of a cyberattack and the costly consequences are the top existential threat to corporations big and small. At TechCrunch’s first-ever enterprise-focused event (p.s. early-bird sales end August 9), that topic will be front and center throughout the day.

That’s why we’re delighted to announce United’s chief information security officer Emily Heath will join TC Sessions: Enterprise in San Francisco on September 5, where we will discuss and learn how one of the world’s largest airlines keeps its networks safe.

Joining her to talk enterprise security will be a16z partner Martin Casado and DUO / Cisco’s head of advisory CISOs Wendy Nather, among others still to be announced.

At United, Heath oversees the airline’s cybersecurity program and its IT regulatory, governance and risk management.

The U.S.-based airline has more than 90,000 employees serving 4,500 flights a day to 338 airports, including New York, San Francisco, Los Angeles and Washington, D.C.

A native of Manchester, U.K., Heath served as a former police detective in the U.K. Financial Crimes Unit where she led investigations into international investment fraud, money laundering and large scale cases of identity theft — and ran joint investigations with the FBI, SEC and London’s Serious Fraud Office.

Heath and her teams have been the recipients of CSO Magazine’s CSO50 Awards for their work in cybersecurity and risk.

At TC Sessions: Enterprise, Heath will join a panel of cybersecurity experts to discuss security on enterprise networks large and small — from preventing data from leaking to keeping bad actors out of their network — where we’ll learn how a modern CSO moves fast without breaking things.

Join hundreds of today’s leading enterprise experts for this single-day event when you purchase a ticket to the show. The $249 early-bird sale ends Friday, August 9. Make sure to grab your tickets today and save $100 before prices go up.

Powered by WPeMatico

Microbiome testing service uBiome puts its co-founders on administrative leave after FBI raid

The microbiome testing service uBiome has placed its founders and co-chief executives, Jessica Richman and Zac Apte, on administrative leave following an FBI raid on the company’s offices last week.

The company’s board of directors have named John Rakow, currently the company’s general counsel, as its interim chairman and chief executive, the company said in a statement.

Directors of the company are also conducting an independent investigation into the company’s billing practices, which is being overseen by a special committee of the board.

It was only last week that the FBI went to the company’s headquarters to search for documents related to an ongoing investigation. What’s at issue is the way that the company was billing insurers for the microbiome tests it was performing on customers.

“As interim CEO of uBiome, I want all of our stakeholders to know that we intend to cooperate fully with government authorities and private payors to satisfactorily resolve the questions that have been raised, and we will take any corrective actions that are needed to ensure we can become a stronger company better able to serve patients and healthcare providers,” Rakow said in a statement.

”My confidence is based on the significant clinical evidence and medical literature that demonstrates the utility and value of uBiome’s products as important tools for patients, health care providers and our commercial partners.” added Mr. Rakow.

It’s been a rough few weeks for consumer companies working on developing microbiome testing services and treatments based on those diagnosis. In addition to the FBI raid, the Seattle-based company, Arivale, was forced to shut down its “consumer program” after raising more than $50 million from investors, including Maveron, Polaris Partners and ARCH Venture Partners.

UBiome is backed by investors including Andreessen Horowitz, OS Fund, 8VC, Y Combinator, DNA Capital, Crunchfund, StartX, Kapor Capital, Starlight Ventures and 500 Startups.

Powered by WPeMatico

The FBI searched the offices of microbiome startup uBiome

Earlier today, agents from the FBI searched the offices of uBiome, the medical testing company that sells analyses of an individual’s microbiome — the bacteria that live in the gut, according to a report in The Wall Street Journal.

The FBI is reportedly investigating uBiome’s billing practices, the WSJ reported.

“I can confirm that special agents from the FBI San Francisco Division are present at 360 Langton Street in San Francisco conducting court-authorized law enforcement activity. Due to the ongoing nature of the investigation, I cannot provide any additional details at this time,” a spokesperson for the FBI confirmed.

360 Langton street is listed as an address for uBiome.

Numerous questions surrounding the clinical validity and efficacy of microbiome analysis remain, and uBiome could be under the microscope for the fact that it offers physician-ordered and consumer-requested test kits.

We are cooperating fully with federal authorities on this matter. We look forward to continuing to serve the needs of healthcare providers and patients,” a spokesperson for the company wrote in an email to TechCrunch.

The company is one of a growing number of startups raising money for consumer-facing and clinical applications around the nascent field of microbiome research.

Founded by Jessica Richman in 2012, uBiome has gone from a crowdfunded startup that raised $350,000 to begin developing testing for microbiome health to a company that reportedly raised $83 million last year.

As uBiome faces potential legal troubles with the federal government, other microbiome startups are also struggling.

Earlier this week, Arivale, a company that used a combination of genetic and microbiome testing and coaching to improve long-term consumer health, was forced to shut down its “consumer program” after raising more than $50 million from investors, including Maveron, Polaris Partners and ARCH Venture Partners.

“Regrettably… we are terminating our consumer program. Our decision to do so is attributable to the simple fact that the cost of providing the service exceeds what our customers can pay for it,” the company wrote on its website. “We believe the costs of collecting the genetic, blood and microbiome assays that form the foundation of the program will eventually decline to a point where the program can be delivered to consumers cost-effectively. However, we are unable to continue to operate at a loss until that time arrives.”

Some customers of uBiome were able to avoid those costs by having insurance providers pick up the tab. What the government is likely investigating is whether those insurance claims were fraudulent.

Powered by WPeMatico

As Internal Threats Rise, Investors Back New Security Tech

13334048894_6e8b421c4e_o Amid this steady drumbeat of technology breaches and security snafus, venture capitalists have spent roughly $6.5 billion on new technologies to combat this menace, according to CrunchBase data. The latest company to benefit from this deluge of dollars, and the one that addresses the issue of bad actors inside corporate networks most directly, is HyTrust, which closed on $25 million. Read More

Powered by WPeMatico