
By Ryan Lefkowitz, Engineer at Outtake

Since Outtake's first foray into cybersecurity, our mission has been to build a better internet, a more truthful internet. We've given our clients the tools to find impersonation and fraud across the open web at a scale no human team could match, and the automation to take it down faster than the people behind it can spin it back up.

But there's one class of scam we always knew we could do more on. The oldest one on the internet, still working since the day commercial email existed: the email scam. You've seen it: forwarded to your security inbox, dropped in a Slack or Teams thread that started with "is this real?", or attached to a wire transfer that almost happened.

For thirty years, attackers have used inboxes to extract credentials, money, and access from employees at every level of the org chart. Pretexting executives, spoofing vendors, planting fake invoices, dangling fake login pages. The FBI's IC3 reported $2.7 billion in business email compromise losses in 2024, and that's only what got reported. The playbook hasn't really changed. What's changed is that AI now lets a single attacker run it against thousands of targets a day, with perfect grammar and a believable backstory.

And while the defense has evolved slowly, the recon and response have remained stagnant. Most security teams still do the same thing they've done for years: tell employees to forward suspicious emails to a shared inbox, and have someone on the team work through the queue. Sometimes a vendor gets notified, sometimes a domain gets blocked, sometimes nothing happens at all. The inbox grows faster than the queue shrinks, and the scammer keeps moving.

Plenty of products have taken swings at this. The ones that block the email leave the operator untouched. The ones that route alerts stall the moment a lure changes shape. The ones that hand you indicators leave the action to you. None of them close the loop on the operator behind the email.

That's the gap. Intake closes it.

How Intake Got Built

I'm Ryan Lefkowitz, an engineer at Outtake. When I joined as the newest engineer on the team, Outtake Intake was a hand-drawn box on a whiteboard. I was given the chance to lead v0. The deal was simple: we had a design partner waiting, a global Tier 1 asset manager whose security analysts were spending hours every week doing the same forensic work on the same kinds of forwarded emails, and we had to ship something that earned its keep.

Outtake works with design partners because there's no faster way to know whether what you're building actually matters. A good partner pushes you into a problem you couldn't have invented on your own, and keeps you honest about what v0 has to be versus what it could become in v3.

In our case, our partners were asking us to take the most painful, most repetitive parts and make them faster than a human alone could do them. Pull the indicators out of the email. Match them against the people and brands the customer was protecting. Decide whether this is something to act on, something to escalate, or something to ignore. Kick off the downstream work without anyone having to copy and paste.

I didn't do this on an island. Something like this, on a timeline like ours, could have only shipped with the teammates who were by my side. Several of my teammates paired with me on architecture, and the choices we made together are why Intake is reliable in production today. Another group of teammates served as our product compass, fighting back every time we tried to over-engineer v0 into v3. And the design partner gave us the kind of insights and adjustments we couldn't have generated on our own, sharpening v0 with every conversation. With that team behind me, v0 went from a sketch on a whiteboard to a system running real fraud cases for the partner in production.

Where Intake Sits in the Outtake Funnel

Brand Protection at Outtake has always led with outbound. We crawl the open web, hunt impersonations, and take down the infrastructure behind them. Intake adds the inbound side: the threats that never reach the open web in the first place, the ones a customer, an employee, or a victim has to hand to us directly. Same capability, pointed both ways.

Every workflow Outtake runs moves through three agentic stages.

Search Agent. We map the surface area of a threat by enriching every URL, account, and indicator we touch. Who registered it, where it's hosted, what it's connected to, what it looks like to a real user.

Triage Agent. We extract signals from each alert and let an agent reason over them. The agent decides what to act on, what to escalate, and what's noise.

Remediation Agent. We automate the takedown layer so a scammer's reach shrinks faster than they can grow it back.

Most Outtake workflows begin with something we find on the open internet. A spoofed domain we crawled. A fake ad we surfaced from a search. A counterfeit listing we scraped from a marketplace. Intake flips the starting point. The threat doesn't start with us. It starts with an employee clicking "forward" on an email they didn't trust. Different start, same downstream funnel.

To make that work, we built a new abstraction on top of our existing alert system: the Case alert. I like to think of it the way a detective or a lawyer thinks about a case file. The original email is there. Every attachment is there. The indicators we pulled out, the agent's reasoning, every child alert we spin off the case, all linked, all auditable, all in one place.

When the triage agent finishes with a case, it lands in one of three states:

  • Ignored: when the email is noise and there's nothing to act on.
  • Needs Review: when an analyst should weigh in before we move.
  • Ready: when we have enough confidence to keep going.

A Ready case produces ordinary Content, Account, and Domain alerts, the same alert types the rest of Outtake has always handled. Those child alerts flow into the same signal extraction, the same workflows, and the same takedown surfaces we've spent years building. Intake isn't a parallel stack. It's a new front door onto the existing one, and the whole platform inherits the new input for free.

The Discovery Funnel

What I believe is most surprising about Intake isn't the engineering. It's how much we were missing without it.

Most of the threats Intake surfaces would be hard or impossible to find through public-internet monitoring alone. A spear-phishing email impersonating a CFO doesn't live on the open web. It lives in an inbox, often connected to a network of domains inaccessible from the open web. A fake invoice from a spoofed vendor never gets indexed. A wire-fraud lure addressed to a single employee leaves no public footprint. You can crawl the entire internet and still miss the email sitting in someone's spam folder.

Once a case lands in Ready, the indicators we pulled out of it don't dead-end at a takedown. Domains and accounts flow into the Recon Agent, our autonomous investigator, which takes the seed and builds out the adversarial graph around it. Patterns across cases feed the Digest Agent, which is how we identify emerging campaigns instead of isolated incidents.

Effectively, a single forwarded email becomes the seed of an investigation that maps the operation behind it. One report in, an actor's network out.

To paint a clearer picture of how this goes: an employee forwards an email that looks like it's from the CFO, an urgent payment request from a slightly off domain. Intake pulls the spoofed domain, matches the impersonated executive, and the case lands Ready. The Recon Agent picks up the domain and finds the registrar pattern and the sibling infrastructure the same operator is running. The Digest Agent links the lure to a cluster of similar CFO-impersonation emails we've seen across other customers' inboxes. One case, one inbox, the whole campaign on the wall.

Email is what I worked on most, but it isn't where Intake stops. The same pipeline picks up complaints from web forms, customer support queues, victim reports, employee escalations, and compliance hotlines. Wherever a real person hands you a piece of fraud, Intake can take it from there.

Closing the Loop

Intake is a shift in how we play.

Intake shipped this fast because Outtake's Digital Trust Platform was already there: the agent fleet, the threat graph, the takedown layer that reaches every attack surface. All of it built and running. Intake just had to plug in.

With Intake, the target a scammer puts on your back becomes the way we take their network down.

That's the loop we wanted to close. We've closed it. What's next is making it tighter, faster, and wider across every inbound channel attackers use.

If you handle a fraud inbox today, see Intake handle yours.

Book a demo at outtake.ai/demo-intake.

Outtake protects the digital presence of the world's most targeted brands, executives, and institutions.