Product Solutions Technology About Careers Blog Contact Request Demo
Product Overview Inbound Protection Email Account Compromise SOC Platform Tools Technology About News and Events Request Demo Close menu

Blog

ESG Survey Explores Gaps in Business Email Compromise (BEC) Controls in Cloud Email Platforms

To track the history of email security, there’s no better gauge than the FBI Internet Crime Complaint Center (IC3)’s annual Internet Crime Report. Prior to 2015, phishing and spoofing were included among several other online crimes reported to the bureau, noted as part of Nigerian prince email scams and in footnotes.  It wasn’t until 2015 …

February 27, 2020

Curtis Casella

Read more

Abnormal Attack Stories #4: Coronavirus Phishing Attacks

Quick Summary: Platform: Office 365 # Mailboxes: Between 1,000 and 5,000 Email Gateway: MessageLabs Email Security: Office 365 Victims: Internal Employees Payload: Malicious Link Technique: Brand Impersonation What was the attack? Setup: This attacker registered a new domain (cdc-gov.org) at the end of January from which they could send convincing-looking emails impersonating the CDC. Email …

February 14, 2020

Abnormal Security

Read more

Abnormal Attack Stories #3: O365 Takeover Without Stealing Credentials

Quick Summary: Platform: Office 365 # Mailboxes: Between 10,000 and 15,000 Email Gateway: None Email Security: Office 365 Victims: Internal Employees Payload: Office 365 App Technique: Brand Impersonation What was the attack? Setup: The attacker leveraged an Office 365 app which, according to PhishLabs, was created using information stolen from a legitimate organization. This app …

January 21, 2020

Abnormal Security

Read more

Abnormal Attack Stories #2: Microsoft Impersonation => Phishing + MFA Bypass

Quick Summary: Platform: Office 365 # Mailboxes: 2,500 to 5,000 Email Gateway: None Email Security: Microsoft ATP Victims: IT Administrators Payload: Link Technique: Vendor Impersonation What was the attack? Setup: The attacker compromised an existing domain that did not have any bad reputation associated with it (e.g. off-55.tk). The attacker then registered a new domain …

January 14, 2020

Abnormal Security

Read more

Abnormal Attack Stories #1: Executive Impersonation and Vendor Invoice Fraud

Quick Summary: Platform: Office 365 # Mailboxes: >50,000 Email Gateway: IronPort Email Security: ATP Victims: Accounting Employee Payload: Invoice attachment Technique: Executive Impersonation What was the attack? Setup: The attacker posed as an executive at the organization and asked an employee in accounting to pay an invoice, but failed to attach the invoice to the …

January 7, 2020

Abnormal Security

Read more