Brute Force Email Attacks and Account Takeover Attempts Rise 671%, Reaching Unprecedented Levels, According to Abnormal Security Research

August 30, 2021

New email threat report also finds 61% of organizations experienced a vendor email compromise/supply chain attack in Q2 2021

SAN FRANCISCO, August 30, 2021 – Abnormal Security, provider of a leading cloud-native email security platform that leverages behavioral data science to stop modern email attacks, today released its Q3 2021 Email Threat Report. It examines the escalating adverse impact of socially-engineered and never-seen-before email attacks, and other advanced email threats—both financial and reputational—to organizations worldwide. The report surveyed advanced email attacks across eight major industry sectors, including retail and consumer goods; manufacturing; technology; energy and infrastructure services; medical; media and television; finance; and hospitality.

Key report findings include:

  • 32.5% of all companies were targeted by brute force attacks in early June 2021
  • 137 account takeovers occurred per 100,000 mailboxes for members of the C-suite
  • 61% of organizations experienced a vendor email compromise attack this quarter
  • 22% more business email compromise attacks since Q4 2020
  • 60% chance of a successful account takeover each week for organizations with 50,000+ employees
  • 73% of all advanced threats were credential phishing attacks
  • 80% probability of attack every week for retail and consumer goods, technology, and media and television companies

Over the course of the quarter, Abnormal researchers saw a significant increase in credential phishing, as well as brute force attacks, which are used to obtain personal information such as passwords, passphrases and usernames through a string of continuous, automated attempts. Once accessed, compromised accounts can be leveraged to send additional attacks on coworkers, partners and vendors, and provide the credentials necessary to infiltrate other parts of the organization.

Credential phishing and account takeover is also a major issue because it provides the access needed to send other more nefarious types of attacks such as ransomware and malware.

“Socially-engineered attacks are dramatically rising within enterprises, worldwide, creating unprecedented financial and reputational risks,” said Evan Reiser, CEO, Abnormal Security. “These never-before-seen attacks are becoming more sophisticated with every passing day. They don’t contain indicators of compromise, such as links, attachments and reputational risks, so they evade secure email gateways and other traditional email infrastructure, landing in inboxes where unsuspecting employees fall victim to their schemes, which include ransomware. In order to effectively protect against these attacks, we can no longer rely only upon established threat intelligence. We need to to look farther to comprehensively understand employee and vendor identities, their relationships, all with deep context, including content and tone to baseline good behavior. Any subtle deviations from this baseline expose the possibility of a threat or attack.”

The report also underlines that impersonation is on the rise, with threat actors using both well-known brands and internal automated systems to trick their victims into submitting credentials, revealing sensitive data, or sending money. In fact, impersonation of internal systems like IT Help Desk and IT Support rose 46% over the past two quarters. This increase in specific types of impersonation shows the extent to which cybercriminals are willing to change their tactics, and highlights the need for an email security system that will detect ever-evolving threats.

Download the complete report at:

To learn more about the Abnormal Security Email Security Platform, please visit: 

About Abnormal Security

Abnormal Security provides a leading cloud-native email security platform that leverages AI-based behavioral data science to stop socially-engineered and never-seen-before email attacks that evade traditional Secure Email Gateways (SEGs). Abnormal delivers a fundamentally different approach that precisely detects and protects against the widest range of attacks including phishing, malware, ransomware, social engineering, spam and graymail, supply chain compromise, and internal account compromise. The Abnormal platform delivers inbound email security, internal and external account takeover protection, and full SOC automation. Abnormal’s API-based approach enables customers to get up and running in 15 minutes and can augment a SEG or be used standalone to enhance native Microsoft security protection. Abnormal Security is based in San Francisco, CA. More information is available

Diana Kozak
MWW PR for Abnormal Security

Related News & Press

Usa daily post logo
On a recent Price of Business show, Host Kevin Price interviewed former FBI cyber security expert, Crane Hassold. Crane Hassold is considered the foremost mind in email attacks and serves as Director of Threat Intelligence at Abnormal Security, the leading cloud email security platform.
Read More
The register logo
This summer, Abnormal Security discovered that some of its customers' staff were receiving emails inviting them to install ransomware on a company computer in return for a $1m share of the "profits".
Read More
Digital anarchist logo
Adtech and email security? Abnormal Security CEO Evan Reiser will tell us all about it and how he hopes his company can help. Listen to the podcast to learn more.
Read More
Help net security logo
Abnormal Security announced the Abnormal Integrated Cloud Email Security (ICES) platform. Abnormal ICES is an all-in-one email security platform that provides precision against the full spectrum of email attacks.
Read More
Ciso talks podcast logo
In this episode of CISO Talks, we discuss the sheer amount of marketing noise filling the cyberspace. Buzzwords, acronyms and all sorts are being thrown around manically. A lot of organizations benefit from a marketing focus especially SMBs but this is often prioritized above the technology/product.
Read More
Aix outlook logo
Abnormal Security has announced its Integrated Cloud Email Security (ICES) platform. Unlike other email security platforms, Abnormal ICES provides a single, comprehensive solution for protecting against every kind of email attack. Together with Microsoft 365...
Read More
Cso logo
The damage from executive email account takeovers can run into millions of dollars, as recent examples show. In 2019, Toyota Boshoku Corporation lost $37 million after the information in a payment direction from a third-party was changed...
Read More
Symbol purple 02b
Abnormal Security today announced the Abnormal Integrated Cloud Email Security (ICES) platform. Abnormal ICES is the only all-in-one email security platform that provides unparalleled precision against the full spectrum of email attacks.
Read More
Cyber pro podcast logo
Mike shares his insights and experience on the role of the fundamentals of patch management and access management during these highly innovative times in technology.
Read More
Ciso talks podcast logo
In this episode of CISO Talks, we discuss the advantages of focusing on the problems in cybersecurity without any preconceptions and how this benefits the overall process. This episode is really insightful not just to anyone looking to join the cybersecurity space at any level.
Read More
Cbs chicago 2 logo
If your child’s school gets hacked and their personal information gets stolen, you might never hear about it. CBS 2 found one southwest suburban school district that was targeted.
Read More
Cso logo
Security startups are often innovation leaders that attempt to solve critical and persistent problems. These are some of the most interesting ones to watch as they tackle issues around multicloud security, identity management, zero-trust, and more.
Read More