News & Press

Zoom users are targeted by a new phishing campaign that uses fake Zoom meeting notifications to threaten those who work in corporate environments that their contracts will either be suspended or terminated.

A new Zoom phishing campaign preys on people’s fears related to job security, tricking them into revealing credentials that criminals can abuse in a variety of ways. The practice of Zoom-bombing is still common across the world, even though the Zoom application has been updated numerous times and new security features have been quickly implemented.

A few days ago, we outlined several phishing campaigns going after Zoom and WebEx credentials of employees. Two new ones are trying to exploit their (at the moment very rational) fears by delivering fake “Zoom meeting about termination” emails and fake notifications about COVID-19 stimulation/payroll processing.

Abnormal Security, a leader in protecting large enterprises from business email compromise (BEC) attacks, today announced the availability of Microsoft Teams protection and integration with Okta to extend email security coverage and protect remote workforces from social engineering attacks.

Abnormal Security announced the availability of Microsoft Teams protection and integration with Okta to extend email security coverage and protect remote workforces from social engineering attacks. Seamlessly delivered through Abnormal Security’s API-based integration with Office 365 and Okta’s Identity Cloud, respectively, these new integrations give enterprises more visibility, extended protection, and faster response to email-borne attacks.

Researchers have uncovered a phishing campaign, designed to steal Zoom credentials, that attempts to trick email recipients into thinking they are about to be laid off amid the pandemic. The attackers hope potential victims will click on a malicious link that supposedly links to a Zoom meeting hosted by human resources.

April is a time for tax-related phishing scams, and we haven't been let down this year despite the dominance of COVID-19-themed phishing campaigns. DMARC should stop phishing, right? Not unless the targeted domain itself is spoofed.

A newly discovered phishing scam attempts to hook Brits with the promise of a tax refund from Her Majesty's Revenue and Customs. Research published today by Abnormal Security details a sophisticated fraud fest in which scammers impersonating the UK government target taxpayers via email.

While remote working provides much-needed protection against COVID-19, it will also open a Pandora’s box of cybersecurity and privacy threats. Among the growing threats are phishing scams, social engineering attacks that trick their victims into downloading malware or revealing sensitive information.

The pandemic has driven more of our personal and work lives online - and for the bad guys, business is booming. Here's how you can protect yourself.

The stimulus checks will go out any day now, and what you need to watch out for are scammers who are ready to take your money. Scammers are hoping to capitalize if you let your guard down regarding your stimulus check.

Millions of Americans and businesses rejoiced when the $2 trillion Coronavirus Aid, Relief, and Economic Security Act was signed into law March 18. The law is part of a larger effort by the US government to help people and businesses that have been harmed by efforts to stop the spread of the coronavirus pandemic.

Email-based phishing schemes continue to trick victims with promises of coronavirus information, cures and vaccines, but now some fraudsters are also sending their targets lures related to the U.S. government-approved stimulus checks promised to most Americans.

In the latest sorry COVID-19 scam, fraudsters are impersonating financial institutions to steal from Americans expecting stimulus checks from the US federal government. Following the outbreak of the novel coronavirus, many Americans have been furloughed, fired, or had their hours or workload reduced as businesses across the country closed and lockdown measures were implemented.

COVID-19 is a rapidly spreading virus that is causing a fundamental shift in how business is conducted in every industry from retail, financial services, healthcare and more. Malicious attacks are rising during this time as hackers see the panic and opportunity to move swiftly to capitalize on fear and desire for answers.

COVID-19-themed scams are exploding both online and offline. Hijacked Twitter accounts peddling fake cures, scammy sites offering emergency supplies, misinformation campaigns, phishing emails and – can you believe it? – even a computer antivirus solution that protects against COVID-19! What will online scammers think of next?

The World Health Organization (WHO) has seen a two-fold increase in cyberattacks targeting the organisation in recent months, according to a report by Reuters. WHO chief information security officer Flavio Aggio told the news service that elite hackers took aim at the organisation earlier this month, attempting to gain unauthorised access to data.

With everyone hunkered down, working from home, taking online classes or just killing the time browsing the web, cyber attacks are exploiting the public’s fears about the coronavirus and using email phishing schemes.

While many across the U.S. and Bay Area are sheltering-in-place, cybercriminals are striking. Cybersecurity experts say online scammers are on the offensive, targeting vulnerable Internet users. The COVID-19 pandemic has changed the way we work, as many are now forced to work from home.

A new phishing email campaign targeting college students and staff to capture log-in credential and infect computers with malware is taking advantage the coronavirus pandemic to appear more legitimate to its targets. This campaign is part of a growing trend of hackers exploiting fears about the novel coronavirus, including government-backed hackers using coronavirus-themed messages to spread spyware and deliver malicious files.

As the world comes to grips with the coronavirus pandemic, the situation has proven to be a blessing in disguise for threat actors, who've taken advantage of the opportunity to target victims with scams or malware campaigns. Another phishing attack, uncovered by Abnormal Security, targeted students and university staff with bogus emails in a bid to steal their Office 365 credentials by redirecting unsuspecting victims to a fake Office 365 login page.

Hackers and cybercriminals have been leveraging the hype and fear connected with the growing COVID-19 pandemic as a tool to steal passwords and data. Discovered by San Francisco-based Abnormal Security, one attack uses an email that looks like it is coming from the school’s “health team” leading to a fake login page that tries to steal the victim’s credentials.

Abnormal Security, a leader in protecting large enterprises from Business Email Compromise (BEC) attacks, today announced completion of the Service Organization Control (SOC 2) examination. Conducted by Coalfire Controls, LLC, a fully licensed, accredited CPA firm and affiliate of Coalfire Systems, Inc, the voluntary examination confirms Abnormal Security’s commitment to inscrutable operating effectiveness.

The RSA Conference 2020 Early Stage Expo is an innovation space dedicated to promoting emerging talent in the industry. Here are some of the most exciting companies exhibiting innovative products and solutions, which you can see in person in the San Francisco Ballroom, Moscone South, Level 2. Abnormal Security Abnormal Security stops targeted email attacks. Abnormal Behavior Technology models the identity of both employees and external senders, profiles relationships and analyzes email content to stop attacks that lead to account takeover, financial damage and organizational mistrust. Abnormal sets up in minutes with Office 365 and G Suite, has no end-user friction, and does not disrupt email flow.