Predicting spam weather

When the pizza box was opened, the smell of cheese mixed with tomato sauce wafted through the conference room. As the gooey slices were handed out and cans of Pepsi were opened, the atmosphere was good-natured. David Poelhuber, the CEO of Zerospam—the boss—took the floor. He talked about his dream.

When he stopped talking, the only sound was the fizz of soft drink bubbles bursting in the plastic cups. A team member raised a hand. “I think it can be done.”

David-linkedIn-42 cropped

David Poellhuber, founder and CEO of Zerospam

AI central to the strategy


Zerospam’s adventure with artificial intelligence began a few years earlier. Founded in 2003, the company is profitable, but remains relatively small in the cybersecurity field. In this highly competitive sector, a major innovation by a competitor could change everything. 


Zerospam has access to tons of data but lacks the means to make productive use of it. And there’s no doubt in David Poelhuber’s mind that artificial intelligence will play a decisive role in his industry. He is in Montreal, a hub of this technology, and he must take advantage of it.


“I was at an AQT event (Association québécoise des technologies),” David recalls, “and my phone rang. I stepped out to answer. It was the National Research Council of Canada calling me about a grant to work on a machine learning component. Right in the middle of an artificial intelligence conference! At that point, I told myself, “the stars are lined up."

However, Zerospam would soon realize that the apparent planetary conjuncture was not synonymous with ease. Applying machine learning to the world of spam was no easy task.

“For artificial intelligence to recognize lung cancer on an X-ray, all we need to do is give it tens of thousands of photos of lung cancers and it will learn to spot them better than the best radiologists,” David explained. “Our problem is that we can't go digging through our clients’ email. We had to take a roundabout way.“

After two years of hard work, the results are finally in. The team managed to create a first system that accurately and automatically adjusts its filter rules, enhancing a company’s ability to distinguish legitimate emails from undesirable ones. This was a first and important victory, but it was not enough. David wanted more.


 This is when he ordered pizza for everyone.


Spam weather


“I think it can be done.” The team Immediately went into brainstorm mode. Ideas popped up and we agreed that there really was a way!


David’s dream was not only to be able to identify spam campaigns, but to prevent them. “I wanted to be able to analyze the spam weather,” he said. “Why can’t we see the threats coming despite the amount of data we have?"


The idea immediately engaged his employees. The means identified was data clustering.


Data clustering is a form of machine learning that consists of grouping similar objects into groups called clusters. David's team can't forage through client emails, but they have access to another source of information: metadata. This information is attached to an e-mail message, giving its origin, the server it passed through, the type of content, its status, the request to confirm it was read.


By grouping emails with similar metadata, it became possible to group them in the form of campaigns. They are then analyzed by the system and alerts are automatically generated if certain elements raise suspicions. Best of all, artificial intelligence is constantly learning and improving to keep pace with threats.


Source : Google, “data clustering” visualization

This intelligence provided by the machine enabled Zerospam to detect a spam campaign in just a few minutes. The company can now block it before it gets to the recipient’s inbox.

“We reached a magical moment where we can study email traffic in real time,” David explained. “By clicking on a button, we could derail an entire fraudulent campaign. Companies all want to see the threats coming. It put us on the map of the threat intelligence market.”

Zerospam was recently acquired by Hornetsecurity, further broadening the range of possibilities while bringing resources to the Zerospam team. The goal, however, remains the same: to make electronic communications more secure. "At the end of the day, our employees can say they helped install protection against spam that tried to cheat their sister or neighbour," said David. “We are clearly working on the right side of the force.”

At the end of the day, our employees can say that they helped install protection against spam that was trying to defraud their sister or neighbor," says David. We're clearly working on the right side of the force."


Prompt supported Zerospam by securing funding from the Quebec Cybersecurity Innovation Program so David could follow his dream. "When I described my project to Prompt, they immediately suggested I talk about it to them in person. They really helped us put our file in impeccable shape to ensure the odds were on our side. As an entrepreneur, feeling received and coached in this way is very valuable.”

Webinaire PROMPT


David Poellhuber's presentation begins at 17m50s.