Abnormal Security Enhances Detection of Business Email Compromise (BEC) Attacks in Cloud Email Security Platform

May 21, 2020

VendorBase Helps Organizations Reduce Cybersecurity Risk Through the Supply Chain

SAN FRANCISCO — May 20, 2020 — Abnormal Security, a leader in protecting large enterprises from Business Email Compromise (BEC) attacks, today introduced VendorBase, a global, federated database that tracks the reputations of an organization’s vendors and customers, and improves detection accuracy of advanced social engineering attacks.

With VendorBase, the Abnormal Cloud Email Security platform aggregates communication in one place to provide customers deeper insight and visibility into a vendor’s reputation and transactions. This unprecedented access gives organizations the ability to see detailed views of all vendors, including profile information, the VendorBase risk assessment score, explanations on risk scores, a timeline view of relevant email communication and security activity for that vendor.

Abnormal also today released research detailing a $700,000 invoice fraud BEC attack on a large telecommunications company. Detected and prevented by VendorBase, this particular attack is notable for its patient engagement of multiple parties over the course of two months and leveraged both simple and sophisticated techniques to execute and progress this attack. Abnormal plans to release similar research on vendor-based attacks in the coming months.

“Our goal from the beginning is to provide the industry’s best detection accuracy of sophisticated BEC attacks,” said Evan Reiser, CEO and co-founder, Abnormal Security. “Before VendorBase, organizations lacked clear visibility of the BEC risk from their supply chains. This new capability greatly mitigates this risk and makes it much easier for organizations to directly remediate and investigate BEC attacks from compromised vendors.”

Through VendorBase, the Abnormal Security platform automatically computes a risk score for each vendor by evaluating email communication across three areas: if the vendor’s domains have been impersonated or spoofed; if the vendor has been compromised; if the vendor is not legitimate or is a suspicious vendor. VendorBase also gathers reports from all customers and uses the results as part of the risk score computation, which is fed back into the VendorBase so it can be used by all Abnormal Security customers.

“Before VendorBase, ensuring that organizations had the necessary visibility of the risk coming in from the supply chain, and even from customers, required a good deal of manual effort on their side,” said Rami Habal, CPO, Abnormal, “VendorBase automates this process, removing manual burden and providing insight into which vendors are known risk vectors. This makes it simple for our customers to mitigate risk, and detect supply chain fraud over email, that otherwise would have been unknown and gone unnoticed until it was too late.”

Abnormal VendorBase is now available in beta and preview only. For more information please visit abnormalsecurity.com/technology/vendorbase/.

About Abnormal Security

The Abnormal Security cloud email security platform protects enterprises from targeted email attacks. Powered by Abnormal Behavior Technology (ABX), the platform combines the Abnormal Identity Model, the Abnormal Relationship Graph and Abnormal Content Analysis to stop attacks that lead to account takeover, financial damage and organizational mistrust. Through one-click, API-based Office 365 and G Suite integration, Abnormal sets up in minutes, requires no configuration and does not impact email flow. Backed by Greylock Partners, Abnormal Security is based in San Francisco, CA www.abnormalsecurity.com


Allison Stokes
fama PR for Abnormal Security
(617) 986-5010

Related News & Press

Usa daily post logo
On a recent Price of Business show, Host Kevin Price interviewed former FBI cyber security expert, Crane Hassold. Crane Hassold is considered the foremost mind in email attacks and serves as Director of Threat Intelligence at Abnormal Security, the leading cloud email security platform.
Read More
The register logo
This summer, Abnormal Security discovered that some of its customers' staff were receiving emails inviting them to install ransomware on a company computer in return for a $1m share of the "profits".
Read More
Digital anarchist logo
Adtech and email security? Abnormal Security CEO Evan Reiser will tell us all about it and how he hopes his company can help. Listen to the podcast to learn more.
Read More
Help net security logo
Abnormal Security announced the Abnormal Integrated Cloud Email Security (ICES) platform. Abnormal ICES is an all-in-one email security platform that provides precision against the full spectrum of email attacks.
Read More
Ciso talks podcast logo
In this episode of CISO Talks, we discuss the sheer amount of marketing noise filling the cyberspace. Buzzwords, acronyms and all sorts are being thrown around manically. A lot of organizations benefit from a marketing focus especially SMBs but this is often prioritized above the technology/product.
Read More
Aix outlook logo
Abnormal Security has announced its Integrated Cloud Email Security (ICES) platform. Unlike other email security platforms, Abnormal ICES provides a single, comprehensive solution for protecting against every kind of email attack. Together with Microsoft 365...
Read More
Cso logo
The damage from executive email account takeovers can run into millions of dollars, as recent examples show. In 2019, Toyota Boshoku Corporation lost $37 million after the information in a payment direction from a third-party was changed...
Read More
Symbol purple 02b
Abnormal Security today announced the Abnormal Integrated Cloud Email Security (ICES) platform. Abnormal ICES is the only all-in-one email security platform that provides unparalleled precision against the full spectrum of email attacks.
Read More
Cyber pro podcast logo
Mike shares his insights and experience on the role of the fundamentals of patch management and access management during these highly innovative times in technology.
Read More
Ciso talks podcast logo
In this episode of CISO Talks, we discuss the advantages of focusing on the problems in cybersecurity without any preconceptions and how this benefits the overall process. This episode is really insightful not just to anyone looking to join the cybersecurity space at any level.
Read More
Cbs chicago 2 logo
If your child’s school gets hacked and their personal information gets stolen, you might never hear about it. CBS 2 found one southwest suburban school district that was targeted.
Read More
Cso logo
Security startups are often innovation leaders that attempt to solve critical and persistent problems. These are some of the most interesting ones to watch as they tackle issues around multicloud security, identity management, zero-trust, and more.
Read More