Meet Startup @TW

BlockChain Security launches second blockchain solution ChkSender to combat email fraud

Business Next

Last year, a Lithuanian man was sentenced to five years in prison for tricking Facebook and Google into sending $123 million to his bank accounts through a business email compromise (BEC) campaign.

This type of crime is on the rise and continues to wreak havoc in the business world. Formerly known as man-in-the-email attack, BEC is a sophisticated type of scam in which a hacker compromises business email accounts to conduct unauthorized transfers of funds, as the FBI defines.

The US agency has been tracking the financial cyber threat since 2013, and revealed in its 2019 Internet crime report that BEC, though accounts for only 5% of the reported cases of fraud, causes 50% of the loss from all cyber activities last year. It costs each victim $75,000 on average, which translates to a loss of over $1.7 billion in a year.

Earlier this year in January, Taiwanese startup BlockChain Security launched an email verification tool called ChkSender as a response to the growing number of BEC attacks. As a Chrome extension, it goes through each email in Gmail to ensure it’s not tampered with during transmission.

With ChkSender installed, the user has access to an array of data about the sender of any given email, including server location, domain name, and domain owner. Meanwhile, the extension verifies the sender’s identity based on these data and examines other parts of the email like address and the message body.

Before sending out an email, the user is offered two options to protect themselves from potential fraud: to sign the email with a digital signature and record a copy on the blockchain, or encrypt the entire email with a password known only by the recipient (who has installed the extension to Chrome).

The former allows ChkSender to compare the footprints in the received email and on the blockchain and tell if the email is altered in transit; if so, it means that the mail server may have been hacked. The latter prevents attackers from changing what’s been written in the email in a rather straightforward way, since the recipient is supposed to be the only person capable of decrypting and later reading it.

As the next step, according to its CTO, BlockChain Security expects to develop a version for Outlook users and build AI into the product so that it can analyze what the message in the email means and better identify hackers who pretend to sound like the sender when illegally rewriting the email. The extension is currently free for download.

ChkSender is the two-year-old company’s second application, following Blockchain Witness, an app used for evidence collection launched last year in July. With this blockchain solution, the user can take photos, record videos, or do screenshots while ensuring that these data are deemed reliable enough to be admitted at trial.

The app uses GPS to pinpoint when and where a piece of evidence is collected, and as a unique digital footprint (hash value) is generated, a copy of it will be recorded on the blockchain. What the user needs to do to authenticate the evidence in court is to compare the two footprints in the device and on the blockchain. If there isn’t a mismatch, the evidence is tamper-proof.

In the long run, CEO Po Huang said the team plans to build a “cloud platform for blockchain solutions” across a wide range of use cases and go global.

News source is from Business Next.

Bryan Chou

Bryan Chou is a Taiwan-based and born journalist who writes about innovation and entrepreneurship for Business Next and Meet. Over the past five years, he has written for a student press, translated numerous magazine pieces, and worked as an intern in two startups. He believes what shapes him into who he is today is not only these experiences but the people he has interacted with and the stories he has learned from them.

He has a BA in Foreign languages and literatures from NTU. After graduation, he spent a year in Prague, traveling extensively around Europe to learn about the history and culture of the region from local people. Currently based in Taipei, he hopes to present the best of Taiwan to the world.