top of page

IRONSCALES Deploys Natural Language Processing to Automatically PreventBusiness Email Compromise

IRONSCALES, the pioneer of self-learning email security, recently announced that it has deployed natural language processing (NLP), using advanced machine learning (ML) and neural networks, to automatically detect and respond to the most common types of business email compromise (BEC) attacks. As an emerging phishing attack technique, BEC leans heavily on social engineering messages that rarely contain malicious attachments or links, resulting in frequent delivery into employee inboxes. In 2019, the FBI estimates that BEC attacks cost businesses at least $1.77 billion.

“Business email compromise has emerged as a major headache for companies of all sizes,” said Eyal Benishti, IRONSCALES founder and CEO. “We’ve been working for many years on building technology to reduce the risk posed by malicious messages that traditional email security safeguards were never built to detect. The addition of natural language processing further improves our ability to protect employee’s inbox from BEC attacks, while relieving security analysts from the burden of manually analyzing and remediating every single threat.”

For the past several years, IRONSCALES innovation has focused on attempting to verify ‘who’ is sending messages since BEC attacks are almost always delivered as an impersonated email. Now, IRONSCALES email security platform can also determine the ‘what’ is being sent by analyzing fraudulent language via NLP, a major step forward in reducing the risk of BEC attacks,

How NLP helps prevent BEC phishing attacks

Business email compromise remains difficult for legacy email security tools, such as secure email gateways, to prevent because such attacks do not leverage malicious URLs or malware attachments.

By deploying NLP, IRONSCALES can now analyze the email content for topic and sentiment to automatically classify BEC attacks that bypass gateway defenses. The 4 most common emails IRONSCALES classifies as BEC can be roughly split into four main groups, including:

  • Employee availability checks

  • Requests for an unspecific task

  • Requests for a gift card

  • Requests to change direct deposit, bank details or request for payment

“Being a self-learning platform allows us to very quickly pick up on new patterns and topics as they emerge,” said Lomy Ovadia, VP of R&D.

New VIP email impersonation protections

In addition to the new NLP-driven BEC protections, IRONSCALES is making it easier to protect  impersonation attempts of VIP users. Now, attempted impersonation attacks of senior executives and high-level managers will be automatically detected by titles and recommended for automatic impersonation protection. This added capability will improve detection of any impersonation attempt that includes a VIP as the alleged sender.

“Not a day goes by that our executives aren’t impersonated,” said Amir Freudinger, IT Manager at Nano Dimension. “IRONSCALES continues to improve its ability to protect our employees, while not adding additional work for the security team. Such benefits are uncommon for the email security industry.”

Today’s news further reflects IRONSCALES commitment to email security innovation for which the company has previously won more than a half dozen prestigious awards. As of today, both the new business email compromise and VIP impersonation protections are now available as part of the IRONSCALES self-learning email security platform.

For more information on IRONSCALES, and to follow forthcoming product announcements, visit and follow @ironscales on Twitter and LinkedIn.


IRONSCALES is the future of phishing protection, incubated inside the world’s top venture program for cybersecurity and founded by alumni of the Israeli Defense Forces’ elite Intelligence Technology unit. We offer security professionals and end users an AI-driven, self-learning email security platform that provides a comprehensive solution to stop tomorrow’s phishing attacks today. Using the world’s most decentralized threat protection network, our platform accelerates the prevention, detection and remediation of phishing attacks already inside your email with threat removal times in seconds, not minutes or hours. We give organizations of all sizes complete anti-phishing protection against any type of phishing attack, right now. Visit to learn more about The Power of Now.


bottom of page