Smyte Releases New Anti-Spam and Fraud/Harassment Prevention Tools

The online security company's trust and safety platform now includes a custom rules engine and deep learning neural network models for supervised and unsupervised image classification.

Smyte

Enterprise security provider Smyte is defining into data what has always been a gray area of semantic content: discerning truth and lies within images, video and messaging.

The San Francisco-based startup has upgraded its SaaS "trust and safety" platform with new tools for stopping the latest online spam, fraud and harassment scams. Smyte's service, which CEO Pete Hunt said is used by companies that handle crowd-funding, classified ad services, social applications and peer-to-peer marketplaces, analyzes more than 5 billion online actions every month using a variety of techniques.

The updated Smyte service, released earlier this month, now uses deep-learning neural networks and a customizable rules engine to scan messaging and photo video-sharing apps for its customers to avoid spam, harassment and varying types of fraud, including account takeover. Smyte simply makes it harder for internet mischief-makers to disrupt online businesses.

"Our customers can integrate with us, and we'll immediately tell them about these types of behavior and recommend courses of action," Hunt told eWEEK.

"The founders of our company are from places like Google and Facebook, working on the trusted safety systems there, and the big idea they all had was that all the other people in the market didn't have was solving all those problems with one system that unifies them all. You can get better results if you unify them all under one system."

Smyte's trust and safety platform is unusual in that it is constantly monitoring, aggregating, learning and adapting to new scams and harassment methods as it gathers information, Hunt said.

Online spammers and fraudsters currently are benefiting from several technical and human developments. For example: IP addresses are cheaper due to vulnerable IoT devices and cracked Android phones; attackers can easily share their code via GitHub and criminal marketplaces; and consumers are getting smarter about privacy, which means companies can't rely on VPN/Tor being a reliable signal of an illegitimate user, Hunt said.

In addition, the price of CAPTCHA solving services and burner phone numbers continues to drop, which means SMS verification and CAPTCHAs aren't as effective; more people are coming online, resulting in more attackers and more unique ways to monetize the attacks within new geographies, Hunt said.

Social networks and peer-to-peer marketplaces are particularly vulnerable to the new wave of Internet attacks. SaaS providers, financial services organizations, health care companies and large enterprises in general are also vulnerable, Hunt said.

To combat the latest online schemes, Smyte's service now uses deep neural-network software that is influenced by how the brain's neocortex interprets images, among its ensemble of techniques. For example, Smyte created a perceptual hash using deep learning that is resilient to advanced attacks such as cropping, rotating, re-texturing and watermarking. This replaces previous perceptual hashing techniques, such as difference hashing, that are easily defeated through automation.

The enhanced Smyte service also includes a feature extraction and rules language. The Smyte Query and Rule Language (SQRL) helps companies prevent fraud by allowing users to create their own rules, Hunt said.

For example, acompany might create a rule that says, "Block any duplicate message that was sent to at least three people and is in the top 1 percent of messages sent on Smyte's service by volume," or "Block any login coming from a country and device we have never seen this user use before."

The rules are stateful and can incorporate streaming data aggregations, such as rate limiting, streaming counts, time windowed set cardinalities, nearest neighbor search and streaming quantile analysis. Facebook and Google have built similar engines for stopping spam, fraud and harassment, but they are not available to the general public and are designed for highly technical engineers, not analysts, Hunt said.

"What we've done in this latest release is attempt to automate our customers' defenses through deep learning, thus decreasing the burden on internal teams," Hunt said, "while also giving Smyte users more control to prevent the attacks that are affecting them most. We've had great feedback from our users so far."

For more information, go here.

Chris Preimesberger

Chris Preimesberger

Chris Preimesberger is Editor of Features & Analysis at eWEEK, responsible in large part for the publication's coverage areas. In his 12 years and more than 3,900 stories at eWEEK, he has...