Monthly Archives: June 2021

News: Opting for a debt round can take you from Series A startup to Series B unicorn

• June 1, 2021
• by:   
• in:  Blog 
• note:  no comments 

For many early startups, debt financing is not an option. If companies want to preserve equity, however, debt can be an advantageous choice.

Debt is a tool, and like any other — be it a hammer or handsaw — it’s extremely valuable when used skillfully but can cause a lot of pain when mismanaged. Fortunately, this is a story about how it can go right.

At the beginning of 2020, my company, Quantum Metric, was on a tremendous growth curve. We couldn’t have been more excited — and then COVID hit. Suddenly, everything was up in the air. Customer behavior quickly began to reflect the uncertainty we all felt, and my team wasn’t immune to it, either. Like most, we sweated through the first few months of the pandemic.

On the one hand, we felt it might be our time to shine, as digital solutions rose to the surface even in industries that were previously slow to adopt them (think banking and airlines). On the other, companies were trying to lock up as much cash as they could, as fast as they could. What if our customers weren’t able to pay us?

One thing became crystal clear: We needed cash, too. First and foremost, we needed it to protect the company against the income loss we anticipated from customers who were having an especially tough time — namely, those who relied on in-person business as a major revenue source.

Second, we needed cash in order to scale. As the weeks following the initial shelter-in-place orders ticked by, the rush toward digital grew exponentially, and opportunities to secure new customers started piling up. A solution to our money problems, perhaps? Not so fast — it was a classic case of needing to spend in order to make.

Most startups face this dilemma at some point. Some face it continuously. We needed a way to funnel capital into growth and manage to stay cash strong, which was important for another reason: As we headed downstream toward a Series B funding round, we were hesitant to devalue the company (and employee shares) any more than was absolutely necessary.

“There are no solutions, there are only trade-offs,” Thomas Sowell wrote about politics. It’s no different in business. We knew that for Quantum Metric to succeed, we had to give up something in the future in order to get what we needed in the short term. Choosing a debt round as a younger company ran the risk of cash-flow misalignment down the road, but in the same vein, an equity round might have made subsequent funding rounds more challenging.

Whatever we did, we had to do fast, and we had to do it in a chaotic venture capital environment (that may be an understatement). In some meetings, it felt as if VC money had dried up completely. In others, record deals were being made. Startups were bypassing IPOs and going public via SPACs and direct listings. Factoring in the amount of hype that was permeating the market (something I’ve never been a fan of), the “wise” decision felt elusive. As you know from the headline of this piece, though, we chose debt, and it paid off.

The benefits of choosing debt over equity

There ended up being two “layers” of benefits to our debt round. The benefits of the first layer correspond directly with the goals I mentioned above; we got the cash we needed in order to expand — which meant investing in our team, product, marketing and infrastructure — and avoided diluting the company’s value for existing shareholders in the process.

News: Twitter to begin pilot testing Fleet ads starting today

• June 1, 2021
• by:   
• in:  Blog 
• note:  no comments 

Ads are coming to Twitter’s version of Stories, known as Fleets. The company announced today it will began pilot testing Fleet ads in the U.S., which will bring full-screen, vertical format ads to Twitter for the first time, allowing it to better compete with the vertical ads offered across social media platforms, including Facebook, Instagram,

Ads are coming to Twitter’s version of Stories, known as Fleets. The company announced today it will began pilot testing Fleet ads in the U.S., which will bring full-screen, vertical format ads to Twitter for the first time, allowing it to better compete with the vertical ads offered across social media platforms, including Facebook, Instagram, Snapchat and TikTok, among others.

The new Fleet ads will appear in between Fleets from people you follow and will support both images and video in 9:16 format. The video ads support up to 30-seconds of content, and brands can also include a “swipe up” call-to-action within their ads.

For video, this is shorter than what Instagram offers (up to 120 seconds) or TikTok (up to 60 seconds), but is in line with best practices which stress that shorter ads can be better.

Twitter didn’t say how often you’ll see a Fleet ad as you swipe, saying only that it will “innovate, test and continue to adapt” in this area, as it learns how people engage.

Advertisers, meanwhile, will receive standard Twitter ad metrics for their Fleet ads, including impressions, profile visits, clicks, website visits, and more. And for video ads, Twitter will report video views, 6s video views, starts, completes, quartile reporting and other metrics.

Image Credits: Twitter

The company is launching the pilot program in the U.S. with just 10 advertisers, including those in tech, retail, dining and CPG verticals.

Twitter says the pilot will help the company to understand how well these types of ads perform on Twitter, which will inform the company not only how to better optimize Fleet ads going forward, but also other areas where it may launch full-screen ads further down the road. In addition, it wants to learn how people feel about and engage with full-screen ads, as the test continues.

Twitter had first begun experimenting with Fleets in spring 2020 as a way to offer a Stories-like product experience where users could post ephemeral content. At the time, the company hoped Fleets would encourage more hesitant users to share content to the platform, as Fleets disappeared after 24 hours, reducing the pressure to perform that comes with posting directly. They also don’t circulate Twitter like retweets and quote tweets do, nor do they show up in Search or Moments.

Image Credits: Twitter

The feature rolled out to global users in November 2020. They were initially criticized by some who felt that Fleets were yet another example of how all social apps were starting to look the same. Nevertheless, Fleets have now become a core part of the Twitter experience.

Today, people use Fleets to point to other tweets they’ve posted, or to share personal updates, photos, and commentary. However, unlike Stories on other platforms, like Snapchat or Instagram, Fleets still offer a fairly bare bones experience in terms of creator tools. You can change the background color, add stickers and text, but that’s about it.

Twitter declined to say how many or what percentage of Twitter’s active user base has now adopted Fleets, noting instead that 73% of those who post Fleets say they also browse what others are sharing. The company says it plans to roll out new updates and features to Fleets in the future, as it continues to invest in the product.

Fleet ads will launch today in the U.S. across both iOS and Android.

News: 7-Eleven to install 500 EV charging stations by the end of 2022

• June 1, 2021
• by:   
• in:  Blog 
• note:  no comments 

Convenience stores are ubiquitous – and they sell the vast majority of gas purchased by consumers in the United States. But as more Americans transition to electric vehicles, a major reason people visit convenience stores will disappear. Industry giant 7-Eleven is looking to capture this growing market of EV drivers. The company said Tuesday it

Convenience stores are ubiquitous – and they sell the vast majority of gas purchased by consumers in the United States. But as more Americans transition to electric vehicles, a major reason people visit convenience stores will disappear.

Industry giant 7-Eleven is looking to capture this growing market of EV drivers. The company said Tuesday it will install 500 direct-current fast charging ports at 250 locations across North America by the end of 2022. These charging stations will be owned and operated by 7-Eleven, as opposed to fuel at its filling stations, which must be purchased from suppliers.

Many charging stations from some of the country’s largest providers, like EVgo, ChargePoint or Tesla’s Supercharger network, are located in a patchwork of parking lots adjacent to shopping malls or retailers like Target. But a major draw of convenience stores like 7-Eleven is that they’re already located in areas adjacent to highways or major roads – so they may have a leg up in attracting drivers.

7-Eleven may have another advantage in choosing to install DC fast chargers as opposed to slower level 2 chargers: The majority of convenience retailers are designed for quick, in-and-out service – around the time it takes to fill a tank of gas. Many don’t offer temperature-controlled places to sit, so a longer charging time would likely pose a problem for drivers. While older EV models are limited by the amount of kilowatt charges they can accept (so the output rate of the charger is inconsequential to how long it takes to charge the battery), newer vehicles can accept a wider range of charging rates.

As charging infrastructure – or lack thereof – remains one of the largest barriers to EV adoption, planned build-outs from mainstream retailers like the one announced by 7-Eleven could help reduce some consumer hesitancy over EVs.

The 500 charging stations will join 7-Eleven’s existing network of 22 charging stations, which are located in 14 stores across four states.

News: Sprinklr’s IPO filing shows uneven cash flow but modest growth

• June 1, 2021
• by:   
• in:  Blog 
• note:  no comments 

With American stocks back near record highs, it could be a propitious moment to list for software companies that lack impressive top-line expansion results.

Another week, another unicorn IPO. This time, Sprinklr is taking on the public markets.

The New York-based software company works in what it describes as the customer experience market. After attracting over $400 million in capital while private, its impending debut will not only provide key returns to a host of venture capitalists but also more evidence that New York’s startup scene has reached maturity. (More evidence here.)

The Exchange explores startups, markets and money. 

Read it every morning on Extra Crunch or get The Exchange newsletter every Saturday.

Sprinklr last raised a $200 million round at a $2.7 billion valuation in September 2020. That round, as TechCrunch reported, also included a host of secondary shares and $150 million in convertible notes. Inclusive of the latter instrument, Sprinklr’s total capital raised to date soars above the $500 million mark.

Temasek Holdings, Battery Ventures, ICONIQ Capital, Intel Capital and others have plugged funds into Sprinklr during its startup days.

Sure, Robinhood didn’t file last week as many folks hoped, but the Sprinklr IPO ensures that we’ll have more than just SPACs to chat about in the coming days. But one thing at a time. Let’s discuss what Sprinklr does for a living.

Sprinklr’s business

Sprinklr’s IPO filing and corporate website suffer from a slight case of corporate speak, so we have some work to do this morning to determine what the company does. Here’s what the company says about itself in its filing:

Sprinklr empowers the world’s largest and most loved brands to make their customers happier.

We do this with a new category of enterprise software — Unified Customer Experience Management, or Unified-CXM — that enables every customer-facing function across the front office, from Customer Care to Marketing, to collaborate across internal silos, communicate across digital channels, and leverage a complete suite of modern capabilities to deliver better, more human customer experiences at scale — all on one unified, AI-powered platform.

Not very clear, yeah? Don’t worry, I’ve got you. Here’s what the company actually does:

News: Indivisible is training an army of volunteers to neutralize political misinformation

• June 1, 2021
• by:   
• in:  Blog 
• note:  no comments 

The grassroots Democratic organization Indivisible is launching its own team of stealth fact-checkers to push back against misinformation — an experiment in what it might look like to train up a political messaging infantry and send them out into the information trenches. Called the “Truth Brigade,” the corps of volunteers will learn best practices for

The grassroots Democratic organization Indivisible is launching its own team of stealth fact-checkers to push back against misinformation — an experiment in what it might look like to train up a political messaging infantry and send them out into the information trenches.

Called the “Truth Brigade,” the corps of volunteers will learn best practices for countering popular misleading narratives on the right. They’ll coordinate with the organization on a biweekly basis to unleash a wave of progressive messaging that aims to drown out political misinformation and boost Biden’s legislative agenda in the process.

Considering the scope of the misinformation that remains even after social media’s big January 6 cleanup, the project will certainly have its work cut out for it.

“This is an effort to empower volunteers to step into a gap that is being created by very irresponsible behavior by the social media platforms,” Indivisible co-founder and co-executive director Leah Greenberg told TechCrunch. “It is absolutely frustrating that we’re in this position of trying to combat something that they ultimately have a responsibility to address.”

Greenberg co-founded Indivisible with her husband following the 2016 election. The organization grew out of the viral success the pair had when they and two other former House staffers published a handbook to Congressional activism. The guide took off in the flurry of “resist”-era activism on the left calling on Americans to push back on Trump and his agenda.

Indivisible’s Truth Brigade project blossomed out of a pilot program in Colorado spearheaded by Jody Rein, a senior organizer concerned about what she was seeing in her state. Since that pilot began last fall, the program has grown into 2,500 volunteers across 45 states.

The messaging will largely center around Biden’s ambitious legislative packages: the American Rescue plan, the voting rights bill HR1 and the forthcoming infrastructure package. Rather than debunking political misinformation about those bills directly, the volunteer team will push back with personalized messages promoting the legislation and dispelling false claims within their existing social spheres on Facebook and Twitter.

The coordinated networks at Indivisible will cross-promote those pieces of semi-organic content using tactics parallel to what a lot of disinformation campaigns do to send their own content soaring (in the case of groups that make overt efforts to conceal their origins, Facebook calls this “coordinated inauthentic behavior.”) Since the posts are part of a volunteer push and not targeted advertising, they won’t be labeled, though some might contain hashtags that connect them back to the Truth Brigade campaign.

Volunteers are trained to serve up progressive narratives in a “truth sandwich” that’s careful to not amplify the misinformation it’s meant to push back against. For Indivisible, training volunteers to avoid giving political misinformation even more oxygen is a big part of the effort.

“What we know is that actually spreads disinformation and does the work of some of these bad actors for them,” Greenberg said. “We are trying to get folks to respond not by engaging in that fight — that’s really doing their work for them — but by trying to advance the kind of narrative that we actually want people to buy into.”

She cites the social media outrage cycle perpetuated by Georgia Rep. Marjorie Taylor Greene as a harbinger of what Democrats will again be up against in 2022. Taylor Greene is best known for endorsing QAnon, getting yanked off of her Congressional committee assignments and comparing mask requirements to the Holocaust — comments that inspired some Republicans to call for her ouster from the party.

Political figures like Greene regularly rile up the left with outlandish claims and easily debunked conspiracies. Greenberg believes that political figures like Greene who regularly rile up the online left suck up a lot of energy that could be better spent resisting the urge to rage-retweet and spreading progressive political messages.

“It’s not enough to just fact check [and] it’s not enough to just respond, because then fundamentally we’re operating from a defensive place,” Greenberg said.

“We want to be proactively spreading positive messages that people can really believe in and grab onto and that will inoculate them from some of this.”

For Indivisible, the project is a long-term experiment that could pave the way for a new kind of online grassroots political campaign beyond targeted advertising — one that hopes to boost the signal in a sea of noise.

News: Kudos, with its cotton-based, eco-friendly diaper, soaks up $2.4 million in seed funding

• June 1, 2021
• by:   
• in:  Blog 
• note:  no comments 

If you’ve experienced parenthood, you’re well versed in the surprisingly small world of disposable diapers. Help may be on the way. Kudos, a startup that is looking to reinvent the disposable diaper with sustainability in mind, announced the close of a $2.4 million seed round of financing today. Investors include Foundation Capital, XFund, PJC, Precursor

If you’ve experienced parenthood, you’re well versed in the surprisingly small world of disposable diapers. Help may be on the way.

Kudos, a startup that is looking to reinvent the disposable diaper with sustainability in mind, announced the close of a $2.4 million seed round of financing today. Investors include Foundation Capital, XFund, PJC, Precursor Ventures, Liquid 2 Ventures,  SV Angel, Underscore VC, Alpha Bridge Ventures, April Underwood and more.

Cofounder and CEO Amrita Saigal says that Kudos is the first and only disposable baby diaper to earn the cotton natural seal from Cotton Inc. for having 100 percent cotton touching the baby’s skin instead of plastic. They’re also made with four times more plant-based materials than the top disposable diaper out there.

Disposable diapers are made up of many layers. Your average disposable diaper from brands like Huggies, Pampers, etc. employ petrochemicals, fabrics like polyester, and a whole lot of plastic. In fact, despite how soft it feels, most disposable diapers’ top sheet (the part that touches your baby’s skin) are made of plastic.

Kudos uses organic cotton in place of that, and focuses on using green materials, with the absorbent core of the diaper made of wood fluff pulp that is totally chlorine free and harvested through the Forest Stewardship Council.

All that said, Saigal explained that performance is just as important as the composition of the diaper, saying that most parents feel that going to a more eco-friendly product sometimes means trading on performance. She explained how parents often have a much higher standard for products for their babies than they do for their own products.

“When I’m thinking about feminine care products, I might go to an eco-friendly product and it’ll be a pain if it has a little bit less performance but I can handle that for myself,” said Saigal. “But with parents, if their kid gets a rash it affects their life and their sleep. When it comes to diapers, parents aren’t willing to give that same leeway for a sustainable product.”

News: Goldman Sachs leads $202M investment in project44, doubling its valuation to $1.2B in a matter of months

• June 1, 2021
• by:   
• in:  Blog 
• note:  no comments 

The COVID-19 pandemic disrupted a lot in the world, and supply chains are no exception.  A number of applications that aim to solve workflow challenges across the supply chain exist. But getting real-time access to information from transportation providers has remained somewhat elusive for shippers and logistics companies alike.  Enter Project44. The 7-year-old Chicago-based company

The COVID-19 pandemic disrupted a lot in the world, and supply chains are no exception. 

A number of applications that aim to solve workflow challenges across the supply chain exist. But getting real-time access to information from transportation providers has remained somewhat elusive for shippers and logistics companies alike. 

Enter Project44. The 7-year-old Chicago-based company has built an API-based platform that it  says acts as “the connective tissue” between transportation providers, third-party logistics companies, shippers and the systems. Using predictive analytics, the platform provides crucial real-time information such as estimated time of arrivals (ETAs).

“Supply chains have undergone an incredible amount of change – there has never been a greater need for agility, resiliency, and the ability to rapidly respond to changes across the supply chain,” said Jason Duboe, the company’s Chief Growth Officer.

And now, project44 announced it has raised $202 million in a Series E funding round led by Goldman Sachs Asset Management and Emergence Capital. Girteka and Lineage Logistics also participated in the financing, which gives project44 a post-money valuation of $1.2 billion. That doubles the company’s valuation at the time of its Insight Partners-led $100 million Series D in December.

The raise is quite possibly the largest investment in the supply chain visibility space to date.

Project44 is one of those refreshingly transparent private companies that gives insight into its financials. This month, the company says it crossed $50 million in annual recurring revenue (ARR), which is up 100% year over year. It has more than 600 customers including some of the world’s largest brands such as Amazon, Walmart, Nestle, Starbucks, Unilever, Lenovo and P&G. Customers hail from a variety of industries including CPG, retail, e-commerce, manufacturing, pharma, and chemical.

Over the last year, the pandemic created a number of supply chain disruptions, underscoring the importance of technologies that help provide visibility into supply chain operations. Project44 said it worked hard to help customers to mitigate “relentless volatility, bottlenecks, and logistics breakdowns,” including during the Suez Canal incident where a cargo ship got stuck for days.

Looking ahead, Project44 plans to use its new capital in part to continue its global expansion. Project44 recently announced its expansion into China and has plans to grow in the Asia-Pacific, Australia/New Zealand and Latin American markets, according to Duboe.

“We are also going to continue to invest heavily in our carrier products to enable more participation and engagement from the transportation community that desires a stronger digital experience to improve efficiency and experience for their customers,” he told TechCrunch. The company also aims to expand its artificial intelligence (AI) and data science capabilities and broaden sales and marketing reach globally.

Last week, project44 announced its acquisition of ClearMetal, a San Francisco-based supply chain planning software company that focuses on international freight visibility, predictive planning and overall customer experience. WIth the buy, Duboe said  project44 will now have two contracts with Amazon: road and ocean. 

“Project44 will power what they are chasing,” he added.

And in March, the company also acquired Ocean Insights to expand its ocean offerings.

Will Chen, a managing director of Goldman Sachs Asset Management, believes that project44 is unique in its scope of network coverage across geographies and modes of transport.  

“Most competitors predominantly focus on over-the-road visibility and primarily serve one region, whereas project44 is a truly global business that provides end-to-end visibility across their customers’ entire supply chain,” he said.

Goldman Sachs Asset Management, noted project44 CEO and founder Jett McCandless, will help the company grow not only by providing capital but through its network and resources.

News: Max Q: Selling space

• June 1, 2021
• by:   
• in:  Blog 
• note:  no comments 

Max Q is a weekly newsletter from TechCrunch all about space. Sign up here to receive it weekly on Mondays in your inbox. This week actually includes two, since I was out last week for a Canadian national holiday (and back today for the U.S. one, ironically). There’s plenty to cover, including Blue Origin’s bidding

Max Q is a weekly newsletter from TechCrunch all about space. Sign up here to receive it weekly on Mondays in your inbox.

This week actually includes two, since I was out last week for a Canadian national holiday (and back today for the U.S. one, ironically). There’s plenty to cover, including Blue Origin’s bidding process, lunar landers, spaceships launching at sea and the return of our very own space event.

Blue Origin’s big bid

Blue Origin is auctioning off one seat on its first ever human spaceflight, and the bidding got started at $1.4 million — or at least, the public bidding started there. Before last week, people had been submitting blind bids, but now Blue Origin is posting the top current bid to its website whenever it hits a new high. It’s currently set at $2.8 million, meaning it’s doubled since the bids opened up to public scrutiny, and presumably FOMO.

Everything’s building up to June 12, when the auction will conclude with a live, real-time online competitive bidding round. Seems likely it’ll at least cross the $3 million mark before all’s said and done, which is good news for Blue Origin, since run-of-the-mill tickets for the few minutes in suborbital space going forward will probably end up more in the hundreds of thousands of dollars range.

The winning bidder will be flying on July 20, if all goes to the current plan, and will be accompanied by other passengers selected by Blue Origin through some other mechanism. We don’t yet know who else will be on the ride. Bezos maybe?

SpaceX’s Deimos spaceport is under construction

ENSCO offshore oil rig like the one SpaceX is converting.

SpaceX is really flexing its sci-fi-made-real muscle with its latest move: The company is turning two offshore oil rig platforms into floating spaceports, and one of the two, codenamed ‘Deimos’ after one of Mars’ moons, is already being worked on. SpaceX CEO Elon Musk shared that the company is hoping to have it ready for operations next year, meaning it could host actual launches in 2022.

Eventually, Deimos and its twin, Phobos, will provide launch and landing services to SpaceX’s first fully reusable launch vehicle — Starship. Starship only just managed to land successfully after a high, but still very much atmospheric flight test, however, so it has a way to go before it’s making amphibious departures and arrivals using the converted oil platforms.

Putting these in the ocean presumably helps solve some key issues, not least of which is being mindful of the impact of launching absolutely massive rockets on land anywhere near people. Ditto the landings, which at least early on, are bound to be risky affairs better carried out with a buffer of surrounding ocean.

Landers; lunar ones

Concept graphic depicting ispace’s HAKUTO-R lander and rover.

There’s quite a bit of lunar lander news this week, including Japan’s ispace revealing that it’ll provide commercial lunar lander service to both Canada and Japan, with a ride for both provided by SpaceX and its Falcon 9 rocket. These will be two separate missions, with the first one set for next year, and the second one set to take place in 2023.

Both will use ispace’s Hakuto-R lander, which it originally developed to take part in the Google-backed Lunar XPRIZE competition. That ended without a winner, but some companies, including ispace, continued to work on their landers with an eye to commercialization. The Hakuto-R being sent on behalf of JAXA will carry an adorable ball-shaped Moon robot which looks like a very novel take on a rover.

Meanwhile, GM announced this past week that it’s working with space industry veteran Lockheed Martin to develop a next-gen Moon rover that will provide future lunar astronauts with more speed and greater range. GM and Lockheed will still have to win a NASA contract in order to actually make the thing, but they’re clearly excited about the prospect.

TC Sessions: Space is back in December

Last year we held our first dedicated space event, and it went so well that we decided to host it again in 2021. This year, it’s happening December 14 and 15, and it’s once again going to be an entirely virtual conference, so people from all over the world will be able to join.

We had an amazing line-up of guests and speakers at last year’s event, including Rocket Lab’s Peter Beck, NASA’s Kathy Lueders and more, and we’re already working on a fantastic follow-up agenda that’s sure to thrill all kinds of space fans.

You can already get tickets, and if you get in early, you save $100.

News: Equity Tuesday: Everyone is raising money at the same time

• June 1, 2021
• by:   
• in:  Blog 
• note:  no comments 

Hello and welcome back to Equity, TechCrunch’s venture capital-focused podcast where we unpack the numbers behind the headlines. This is Equity Monday Tuesday, our weekly kickoff that tracks the latest private market news, talks about the coming week, digs into some recent funding rounds and mulls over a larger theme or narrative from the private markets.

Hello and welcome back to Equity, TechCrunch’s venture capital-focused podcast where we unpack the numbers behind the headlines.

This is Equity Monday Tuesday, our weekly kickoff that tracks the latest private market news, talks about the coming week, digs into some recent funding rounds and mulls over a larger theme or narrative from the private markets. You can follow the show on Twitter here and myself here.

We are back from a long weekend here in America. But not break here in the States can stop the flow of global tech news. So, here’s the rundown:

• The Weekend: Tata bought BigBasket, setting up a fascinating ecommerce war in India. China is cracking down on edtech companies, leading to an IPO freeze. And Wejo is going public via a SPAC. You can read its investor deck here.
• This Morning: The are a zillion funding rounds in Europe and globally this morning, the start of what could be a super busy week’s cycle. Private Equity is buying Cloudera, which is a surprise. Nio had chip shortage issues that impacted its delivery cadence. The Chinese EV company does expect to meet its Q2 delivery goal, however.
• Funding Rounds: Truebill raised $45 million. Chipper Cash raised $100 million. Zenyum raised $40 million. WeFox raised $650 million. Malt raised $97 million. Sennder raised $80 million. idwall raised $38 million. Belvo raised $43 million. And that was not even close to all the big ones.
• Riff: Late last week we missed the Sprinklr filing. You can read it here. Quite a number of VCs have money riding on the IPO.

Welcome back, America, to the week. It’s nice to see you, everyone else. Maybe Robinhood will file this week.

News: Hackers are targeting employees returning to the post-COVID office

• June 1, 2021
• by:   
• in:  Blog 
• note:  no comments 

With COVID-19 restrictions lifting and employees starting to make their way back into offices, hackers are being forced to change tack. While remote workers have been scammers’ main target for the past 18 months due to the mass shift to home working necessitated by the pandemic, a new phishing campaign is attempting to exploit those

With COVID-19 restrictions lifting and employees starting to make their way back into offices, hackers are being forced to change tack. While remote workers have been scammers’ main target for the past 18 months due to the mass shift to home working necessitated by the pandemic, a new phishing campaign is attempting to exploit those who have started to return to the physical workplace.

The email-based campaign, observed by Cofense, is targeting employees with emails purporting to come from their CIO welcoming them back into offices.

The email looks legitimate enough, sporting the company’s official logo in the header, as well as being signed spoofing the CIO. The bulk of the message outlines the new precautions and changes to business operations the company is taking relative to the pandemic.

If an employee were to be fooled by the email, they would be redirected to what appears to be a Microsoft SharePoint page hosting two company-branded documents. “When interacting with these documents, it becomes apparent that they are not authentic and instead are phishing mechanisms to garner account credentials,” explains Dylan Main, threat analyst at Cofense’s Phishing Defense Center.

However, if a victim decides to interact with either document, a login panel appears and prompts the recipient to provide login credentials to access the files.

“This is uncommon among most Microsoft phishing pages where the tactic of spoofing the Microsoft login screen opens an authenticator panel,” Main continued. “By giving the files the appearance of being real and not redirecting to another login page, the user may be more likely to supply their credentials in order to view the updates.”

Another technique the hackers are employing is the use of fake validated credentials. The first few times login information is entered into the panel, the result will be the error message that states: “Your account or password is incorrect.”

“After entering login information a few times, the employee will be redirected to an actual Microsoft page,” Main says. “This gives the appearance that the login information was correct, and the employee now has access to the OneDrive documents. In reality, the threat actor now has full access to the account owner’s information.”

While this is one of the first campaigns that’s been observed targeting employees returning to the workplace (Check Point researchers uncovered another last year), it’s unlikely to be the last. Both Google and Microsoft, for example, have started welcoming staff back to office cubicles, and the majority of executives expect that at least 50% of employees will be back working in the office by July, according to a recent PwC study.

“We saw threat actors follow the trends throughout the pandemic, and we expect they are likely to leverage themes of returning to work in their attacks in the coming months,” Tonia Dudley, a strategic advisor at Cofense, told TechCrunch. “We can expect remote workers to continue to be targeted as well. While employers begin to bring staff back to the office, it’s likely we’ll see a hybrid model of work moving forward. Both groups will be targets for phishing attacks.”

Threat actors typically adapt to exploit the global environment. Just as the shift to mass working over remote connections led to an increase in the number of attacks attempting to exploit remote login credentials, it’s likely the number of attacks targeting on-premise networks and office-based workers will continue to grow over the coming months.