Cybersecurity startup PhishMe raises $42.5 million to help employees spot phishing attacks

PhishMe, a cybersecurity startup that helps companies thwart phishing attacks among other targeted malware, has closed a $42.5 million series C round led by existing investor Paladin Capital Group, with participation from Bessemer Venture Partners.

Founded in 2011, Virginia-based PhishMe provides the tools to engage employees across an organization so that they can recognize malicious phishing emails. Part of this involves conditioning them into being able to spot rogue emails, but it also lets them easily report questionable emails to the appropriate security teams internally.

So-called “spear phishing” is a technique whereby an individual is hoodwinked into providing sensitive information in response to an email request from a fake email address that resembles a real email address from someone else at the target company.

You may remember that Snapchat revealed it was targeted in a spear phishing attack by a scammer impersonating Evan Spiegel, the company’s cofounder and CEO. A person in the company’s payroll department received an email requesting payroll data for employees, and they duly complied because they thought the request was from Spiegel himself.

Cybersecurity: ripe for investment

Cybersecurity has emerged as one of the hottest categories for investment in recent times — just yesterday, SafeBreach raised $15 million to test companies’ cybersecurity from a hacker’s perspective. And in the past couple of months, other notable cybersecurity investments include Bay Dynamics raising $23 million for its risk analytics platform, Post-Quantum nabbing $8 million, Darktrace securing $65 million, SecurityScorecard closing a $20 million round, and Cylance attracting $100 million for its A.I.-driven security platform.

So what makes PhishMe stand out for its new investor?

“Despite the growing number of security vendors in the market, we quickly realized the huge potential behind PhishMe’s business proposition,” explained Alex Ferrara, partner at Bessemer Venture Capital. “The most damaging cyber-attacks almost always involve phishing or spear phishing attempts and that is why empowering the human element or employees to detect these phishing campaigns has become a top priority for modern enterprises.”

PhishMe had raised around $15 million before this latest round, and its fresh cash injection will be used to “expand its product and intellectual property portfolio by continuing to invest in its research and development teams,” the company said in a statement. Additionally, the company will use its new treasure chest to expand further into Europe and Asia.