How Twilio SendGrid uses machine learning to thwart phishing attacks
When cloud communications provider Twilio acquired SendGrid for $2 billion to add email to its platform, the company more than doubled its customer base and also became a behind-the-scenes player in the corporate battle against phishing.
Phishing has been around since email's early days, but due to increasing sophistication, the method still poses a significant threat to business networks. According to some estimates, phishing attacks cost businesses an average of $1.6 million per attack. Twilio SendGrid's AI-powered approach is to stop phishing emails from ever reaching an inbox in the first place.
Twilio SendGrid offers a platform for sending emails, such as purchase confirmations, password reset instructions, or emails about an upcoming sale. Developers and marketers use SendGrid to craft, segment, test and deliver the emails.
The company says it processes more than 50 billion emails each month, and due to that scale, it's been able to train a TensorFlow-backed machine learning system called Phisherman to catch phish in its email pipeline.
TensorFlow is the Google-built open-source machine learning library that's become one of the most popular platforms for creating machine learning and deep learning applications. With Phisherman, Twilio SendGrid is using a trained neural network to determine the probability that any given piece of email is phish. The system uses word-to-vector comparisons to identify patterns in large data sets from a vast array of mail that are then compared against a model designed to isolate phish emails from non-phish emails.
Thanks to Phisherman, the company says its platform maintains a 99.7% legitimate email rate.
"Machine learning allows us to do things at scale," said Len Shneyder, VP of Industry Relations at Twilio SendGrid. "TensorFlow was tested for over a year as we trained the model. In terms of its applicability for large data sets, TensorFlow was ideal."
Must read
- Google launches TensorFlow 2.0 Alpha
- LinkedIn open sources TonY, its framework to run TensorFlow on Hadoop
- Google eliminates more spam from Gmail with TensorFlow
- Enterprise AI and machine learning: Comparing the companies and applications
- Google says it will address AI, machine learning model bias with technology called TCAV
Beyond scale, Shneyder also points the company's compliance efforts for helping to train a machine-learning model that's efficient enough to block bad emails without bogging down its systems or negatively affecting the flow of legitimate email. Twilio SendGrid's compliance management team reviews all caught phish to determine if any false positives were snagged by the system. That intelligence is used to continue refining Phisherman, the company said.
"It's not enough to scale the efficacy of an email platform," said Shneyder. "Scale and compliance -- and the ability to determine bad from good -- are both really important. Our compliance team is focused on mitigating bad actors and fraudulent email from being sent from our system at all. Compliance tells us we aren't leaking out messages solely geared to defrauding someone."
Shneyder added: "Without machine learning it would be impossible to create a compliance system of this scale."