How Twilio SendGrid uses machine learning to thwart phishing attacks

Twilio SendGrid trained a TensorFlow-backed machine learning system called Phisherman to catch phish in its email pipeline.

How machine learning is blocking phishing attacks ZDNet's Natalie Gagliordi sits down with TechRepublic's Karen Roby to talk about how Twilio SendGrid trained a TensorFlow-backed system to catch phishing attacks in its emails. Read more:

When cloud communications provider Twilio acquired SendGrid for $2 billion to add email to its platform, the company more than doubled its customer base and also became a behind-the-scenes player in the corporate battle against phishing. 

FREE DOWNLOAD

Special Report: How to Implement AI and Machine Learning

You can download all of the articles in this series in one PDF. It's free to registered ZDNet and TechRepublic members.

Read More

Phishing has been around since email's early days, but due to increasing sophistication, the method still poses a significant threat to business networks. According to some estimates, phishing attacks cost businesses an average of $1.6 million per attack. Twilio SendGrid's AI-powered approach is to stop phishing emails from ever reaching an inbox in the first place.
 
Twilio SendGrid offers a platform for sending emails, such as purchase confirmations, password reset instructions, or emails about an upcoming sale. Developers and marketers use SendGrid to craft, segment, test and deliver the emails.
 
The company says it processes more than 50 billion emails each month, and due to that scale, it's been able to train a TensorFlow-backed machine learning system called Phisherman to catch phish in its email pipeline.
 
TensorFlow is the Google-built open-source machine learning library that's become one of the most popular platforms for creating machine learning and deep learning applications. With Phisherman, Twilio SendGrid is using a trained neural network to determine the probability that any given piece of email is phish. The system uses word-to-vector comparisons to identify patterns in large data sets from a vast array of mail that are then compared against a model designed to isolate phish emails from non-phish emails.

Thanks to Phisherman, the company says its platform maintains a 99.7% legitimate email rate.

"Machine learning allows us to do things at scale," said Len Shneyder, VP of Industry Relations at Twilio SendGrid. "TensorFlow was tested for over a year as we trained the model. In terms of its applicability for large data sets, TensorFlow was ideal."


Must read


Beyond scale, Shneyder also points the company's compliance efforts for helping to train a machine-learning model that's efficient enough to block bad emails without bogging down its systems or negatively affecting the flow of legitimate email. Twilio SendGrid's compliance management team reviews all caught phish to determine if any false positives were snagged by the system. That intelligence is used to continue refining Phisherman, the company said. 

"It's not enough to scale the efficacy of an email platform," said Shneyder. "Scale and compliance -- and the ability to determine bad from good -- are both really important. Our compliance team is focused on mitigating bad actors and fraudulent email from being sent from our system at all. Compliance tells us we aren't leaking out messages solely geared to defrauding someone." 

Shneyder added: "Without machine learning it would be impossible to create a compliance system of this scale."