MetaCert company logo

The profile is currenly unclaimed by the seller. All information is provided by CB Insights.

metacert.com

Stage

Seed VC | Alive

Total Raised

$1.94M

Last Raised

$1.2M | 5 yrs ago

About MetaCert

MetaCert protects companies of all sizes from risks when using messaging apps. The Metacert Security Bot detects malware, phishing, and pornography in direct messages and Slack channels.

MetaCert Headquarter Location

585 Bryant Street 2nd Floor

San Francisco, California, 94107,

United States

Predict your next investment

The CB Insights tech market intelligence platform analyzes millions of data points on venture capital, startups, patents , partnerships and news mentions to help you see tomorrow's opportunities, today.

Expert Collections containing MetaCert

Expert Collections are analyst-curated lists that highlight the companies you need to know in the most important technology spaces.

MetaCert is included in 2 Expert Collections, including Artificial Intelligence.

A

Artificial Intelligence

8,694 items

This collection includes startups selling AI SaaS, using AI algorithms to develop their core products, and those developing hardware to support AI workloads.

C

Cybersecurity

4,895 items

MetaCert Patents

MetaCert has filed 1 patent.

The 3 most popular patent topics include:

  • Application programming interfaces
  • Computer network security
  • Computer security
patents chart

Application Date

Grant Date

Title

Related Topics

Status

1/29/2018

5/12/2020

Computer security, Application programming interfaces, Computer network security, Social networking services, Cryptography

Grant

Application Date

1/29/2018

Grant Date

5/12/2020

Title

Related Topics

Computer security, Application programming interfaces, Computer network security, Social networking services, Cryptography

Status

Grant

Latest MetaCert News

Malware capable of filching financial data – Flubot

Jun 24, 2021

A factory reset will be needed, which means lost data unless a back-up schedule is in place about 2 hours ago       When Flubot hit the UK in May, it was inevitable that it was only a matter of time before it began circulating here. The Android-focused malware tricks users into downloading software to their phone using a fake text message claiming to be from a delivery company. Within the message was a link that directed recipients to download an app to track their delivery. Nothing out of the ordinary for many of us who have embraced online shopping since the pandemic hit last year. But the difference between this message and the standard delivery notification was that the fake message directed users to download the app from outside the Google Play Store. The software packages, called APKs, are actually banking trojans, and the aim is to steal your financial data. In a warning to consumers, regulator ComReg said once installed FluBot could make calls, steal passwords and other data, access contact details and spread the malware via text message, and change accessibility settings on devices. It’s a lot to take in, especially when you realise the cure for Flubot: a complete factory reset of your device. That means lost data unless you have a regular back-up schedule in place. Even if you are fastidious about backups, you’ll need to be careful and make sure you choose a backup from before Flubot hit, unless you want to reinstall the malware. Because Apple devices cannot install apps from outside the App Store, this malware poses more of a risk to Android devices. But that doesn’t mean Apple users shouldn’t all be on their guard. If you are feeling a bit under siege, you’re not the only one. Flubot is yet another fraud aimed at hard-pressed mobile customers, and with all the upheaval that the current public health emergency has caused, it’s not a given that consumers will be able to pick out the genuine messages from the scams. The latest scam comes as Irish consumers are still dealing with the fallout from the HSE hack, and a rise in fraudulent calls and texts claiming to be from officials such as the Department of Social Protection . The fraudulent calls claiming to be from the latter appear to come from an Irish number, as do the numerous text messages that try to lure us into falling for a scam. Anecdotally, many of the calls having come from numbers with an 083 prefix, with texts coming from 086 and 087 numbers. Others reported communications via landlines and 085 numbers. So do the networks have a role to play here? Its not quite as simple as the mobile operators being on their guard to prevent spam messages and scam calls from circulating. Picking out the fraudulent activity from the genuine is more complicated than it might seem. That’s not to say that mobile companies don’t have any weapons to fight back against scammers; understandably though, they aren’t too keen to go into detail. “At Three we have robust security measures in place to help prevent scam messages from reaching our customers. With reports of such scam calls and texts, we will always engage with the relevant authorities to resolve the issue,” the mobile network said in a statement. “We proactively monitor our network for large spikes in call volumes which could be scam calls and take action to prevent further calls being made if required. Once reported by our customers, we will immediately block number ranges to prevent further customer impact.” Vodafone , meanwhile, has embarked on fraud awareness campaigns to try to stop their customers falling for the scams. “At Vodafone, we understand the concerns of customers with regard to fraudulent calls and SMS, and actively engage in cross industry efforts to prevent and disrupt such instances from occurring where possible,” the network said. “We also deliver fraud awareness campaigns to ensure customers understand the risks that scam SMS can bring, and have a dedicated, 24-hour support team who help customers navigate the challenges. We advise all our customers to be vigilant and careful about clicking on any links received in an SMS and refrain from sharing personal information with a cold caller.” The scam artists spreading the fake messages aren’t necessarily based in Ireland , or within the reach of the gardaí. The calls come into Ireland across all the mobile networks through an interconnect carrier, which is an operator who carries traffic between networks. There are a number of carriers who pass these calls in an out of Ireland, and it allows us to send and receive calls to other networks, domestically or internationally. “In the event that spam calls or SMS originate within our network, we can deal with it swiftly, once detected. When the source of the calls or SMS’s is another operator, either here or offshore, we pass the relevant information to them as the onus is on that operator to terminate at source, which is the case here,” Three said. “In relation to the recent scams we have contacted several interconnect carriers where we have identified on this issue, we have also encouraged the carriers to engage with the gardaí.” However, although networks can block the numbers where they see a spike in calls, the reality is that number can then be changes, making it harder to stamp out the scam completely. More complicated still is the fact that although the numbers may look like they are Irish phone numbers, they are often spoofed, meaning they aren’t actually genuine numbers at all. There may be another way to stop these scams in their tracks: zero trust. That would, according to its proponents, stop phishing via bad web addresses before it even gets started. “The Flubot malware, once it’s installed, is very sophisticated and very very nasty, said MetaCert’s Paul Walsh . His company is focused on fighting SMS phishing, where text messages are weaponised to scam consumers. “It’s the worst I’ve seen on mobile. But the delivery isn’t more sophisticated.” Part of the issue is that while SMS firewalls can help mobile operators in terms of protecting traffic and revenue, they aren’t set up for phishing attacks. “If you want to protect your home, you don’t think about the sophisticated techniques that a criminal would use once they’re inside your house to open up your safe if you’re leaving your front door open or letting them in the front of your house,” said Walsh. “You just don’t let them in your front door and then you don’t have to worry about the sophistication of your safe.” The situation, he says, is now getting urgent. Hackers have now realised how much more successful SMS phishing is compared to email, and the situation is only going to get worse, he warns. He estimates that a deceptive URL has served its purpose within three minutes of an SMS being sent, allowing the attackers to move on to the next one. That makes it almost impossible for mobile operators to fight back, as a URL flagged as suspicious must be investigated by security vendors and classes as dangerous before it can be blocked or removed. Walsh believes zero trust for web addresses is the way forward. This is where we assume that all links are bad unless they are verified, something that MetaCert’s Zero Trust URL & Web Access Authentication system offers. The system has 20 billion URLs verified, and sophisticated tools that speed up the process. Plus not every safe URL in existence has to be verified, just the ones more likely to be sent via SMS, such as delivery companies, government sites, postal tracking and so on. The work is ongoing, but Walsh is optimistic. “We had the solution two years ago for SMS,” said Walsh. “Flubot is what is now bringing us to the table because operators who have it on their network are trying to find a solution for it.” For now, Flubot continues to put users in Ireland, and further abroad, at risk. How to avoid scams * Never give out personal or financial information to cold callers. * Assume all links are suspect, even if they appear to be from someone you trust. If a number purporting to be a delivery company sends you a link to track your package, don’t use the link. If you are expecting a delivery, visit the company’s official website by typing the safe web address into your browser bar, and use the tracking number they have sent you in the message to figure out where your package is. * Don’t install apps from outside the official app store. Flubot gets on to your device through persuading users to override a safety mechanism and allow software installation from an unknown source, ie outside th Play Store. that they can trust software downloads from outside the Google Play store. While you shouldn’t blindly trust software in the official app store either – there have been cases of malware found inside “official” apps – it is far easier for malicious actors to insert software into apps outside the Play Store than inside it. * Make sure that Google Play Protect Service is turned on. To do so, go to the Play Store app on your phone, and click on your account name in the top right corner. Select Play Protect, and ensure it turned to on. That will scan for harmful apps and flag any that have been detected on your phone. * If you do install FluBot unknowingly, you will have to wipe your phone to get rid of it. That means doing a factory reset – and losing any data you did not back up before installing Flubot on your device. * Because Flubot steals your credentials, any passwords used on your device after it was installed are at risk. To be safe, reset these passwords and if you reuse the same credentials on other accounts – a security no-no, by the way – reset those too. A password manager such as NordPass, LastPass or DashLane will help you create strong unique passwords for each account you have, and store them for you. Business Today Topics:

MetaCert Web Traffic

Rank
Page Views per User (PVPU)
Page Views per Million (PVPM)
Reach per Million (RPM)
CBI Logo

MetaCert Rank

You May Also Like

INKY Logo
INKY

INKY is a cloud-based email security platform designed to be far more than just artificially intelligent. INKY recognizes logos, brand colors, and email signatures. It understands email, searches for signs of fraud, and can spot impostors by a pixel.

GreatHorn Logo
GreatHorn

GreatHorn provides a cloud-based email security threat detection and response platform that safeguards organizations before, during, and after an email attack.

Vade Secure Logo
Vade Secure

Vade Secure offers a complete solution to secure emails and users and their data. Vade Secure's technology includes anti-phishing, spear phishing, malware and ransomware filtering.

Cofense Logo
Cofense

Cofense provides threat management for organizations concerned about human susceptibility to advanced targeted attacks. Cofense's intelligence-driven platform turns employees into an active line of defense by enabling them to identify, report, and mitigate spear phishing, malware, and drive-by threats. The company's open approach ensures that Cofense integrates easily into the security technology stack, demonstrating measurable results to help inform an organization's security decision making process.

IRONSCALES Logo
IRONSCALES

IRONSCALES enables organizations to mitigate the risk associated with the technological, operational and human challenges inherent to phishing attacks. The company's multi-layered and automated approach to prevent, detect, and respond to phishing emails combines micro-learning phishing simulation and awareness training (IronSchool), with mailbox-level phishing detection (IronSights), automated incident response (IronTraps) and real-time automated intelligence sharing (Federation) technologies.

Valimail Logo
Valimail

Valimail delivers fully automated email authentication as a cloud service, bringing easy, accessible, and trusted messaging to all organizations. Valimail, using its patented technology, delivers it in fast time. Additionally, email authentication strengthens existing SEGs, adding a highly effective layer of protection, reducing the overall threat surface.

Discover the right solution for your team

The CB Insights tech market intelligence platform analyzes millions of data points on vendors, products, partnerships, and patents to help your team find their next technology solution.

Request a demo

CBI websites generally use certain cookies to enable better interactions with our sites and services. Use of these cookies, which may be stored on your device, permits us to improve and customize your experience. You can read more about your cookie choices at our privacy policy here. By continuing to use this site you are consenting to these choices.