Abnormal Attack Stories: SBA Loan Phishing
In this attack, malicious actors impersonate a government sponsored loan program from the Small Business Administration to send phishing emails.
August 12, 2020
Abnormal Security
Abnormal Attack Stories: Internal Phishing
In this attack, attackers compromise an internal account within a company and use it to launch internal phishing attacks.
August 9, 2020
Abnormal Security
How Attackers Bypass MFA and Conditional Access to Compromise Email Accounts
Abnormal Security has detected an increase in BEC attacks that successfully compromise email accounts despite multi-factor authentication (MFA) and Conditional Access. While MFA and modern authentication protocols are an important advancement in
August 6, 2020
Erin Ludert
Abnormal Attack Stories: Targeted Hijacked Email Thread / Malware
In this attack, malicious actors insert themselves into an email conversation to deliver malware in an attempt to harvest credentials from employees.
August 5, 2020
Abnormal Security
Payment Inquiries: The Precursors to Invoice and Payment Fraud
Abnormal has detected campaigns targeting our customers where malicious actors will impersonate major brands and reach out to accounting teams to ask if there are any outstanding invoices for the company they
July 30, 2020
Ken Liao
Abnormal Attack Stories: Skype Impersonation Attack
In this attack, attackers impersonate an email from Skype in order to steal user account credentials.
July 28, 2020
Abnormal Security
Abnormal Attack Stories: Sharepoint Attacks
In this attack, malicious actors make use of an automated message from Sharepoint to send phishing emails.
July 27, 2020
Abnormal Security
Abnormal Attack Stories: Spoofed Microsoft Security Alert
In this attack, attackers spoof an internal email from the recipient’s company regarding a security alert in order to steal user account credentials.
July 22, 2020
Abnormal Security
Abnormal Attack Stories: Microsoft Renewal Scam
In this attack, attackers impersonate an email from Microsoft to steal sensitive user information and money.
July 17, 2020
Abnormal Security
Abnormal Attack Stories: Spoofed HR Credential Phishing
In this attack, attackers spoofed an email from the recipient’s company’s HR team in order to steal user account credentials.
July 15, 2020
Abnormal Security
Challenging Verizon’s CIS Control Recommendations for Socially-Engineered Business Email Compromise Attacks
While Verizon’s annual Data Breach Incident Report (DBIR) has always offered recommendations on defense and controls through its findings, this year the report shares formal, standardized security control recommendations to readers. In
July 10, 2020
Ken Liao
Abnormal Attack Stories: Outlook Update Credential Phishing
In this attack, attackers are impersonating an official notification from the Outlook team in order to steal user account credentials of employees at organizations targeted for this attack.
July 8, 2020
Abnormal Security
