A Year in Cybersecurity: Abnormal's Top Blog Posts from 2023

The past 12 months have marked a significant chapter in the cybersecurity narrative. Among the continual threats of business email compromise (BEC) and credential phishing attacks, the surge in the malicious use of generative AI highlighted the evolving tactics of threat actors and underscored the need for increased vigilance.

We understand that navigating the ever-evolving threat landscape can be challenging. We also recognize that one of the most effective ways to defend against attackers is to stay informed. That’s why this year we created more than 250 new assets dissecting emerging email threats and discussing the latest developments in cybersecurity solutions.

As we gear up for another exciting year of research and data analysis, we wanted to first take a moment to showcase some of the blog posts that resonated most with the cybersecurity community in 2023.

With new cyber threats emerging almost daily, staying up to date on the latest cybersecurity trends, news, and best practices can be challenging. To help make it easier, sign up for our newsletter to get the latest Abnormal blog posts delivered right to your inbox.

BEC Group Incorporates Secondary Impersonated Personas and Lookalike Domains in Convincing Third-Party Reconnaissance Attacks

Akin to cold-reading psychics and classic conmen, some bad actors just need a few details to run their scams. One BEC group Abnormal identified requires only the most basic (and publicly available) information to create a targeted campaign.

Unlike cybercriminals who leverage deep insight into a specific vendor-customer relationship, this set of threat actors takes a simpler approach to VEC. Relying just on open-source research to create their realistic malicious emails and fake invoices, these perpetrators don’t actually know what they can extract from a target until one takes the bait.

The Nigerian Prince is Alive and Well: Cybercriminals Use Generative AI and New Themes to Run Their Scams

The Nigerian Prince scam has been up and running since the early days of the Internet, becoming one of the most infamously known social engineering attacks. Despite their absurdity and the huge sums of promised money, people fell for these scams by the thousands. But as they became more popular, awareness grew until they became the subject of many popular memes.

So surely no one is continuing to fall for these scams decades later, right? Alas, decades later, the Nigerian Prince is alive and well, but with a twist: these attackers are wielding new tactics, including generative AI, to run their scams.

Threat Actors Capitalize on Bittrex Bankruptcy to Launch Targeted Phishing Attack

A phishing attack with a believable hook was the perfect opportunity for a set of threat actors to showcase their moral bankruptcy. In October, cybercriminals capitalized upon the Chapter 11 filing of Bittrex, a prominent cryptocurrency exchange, to launch a meticulously planned and precisely targeted phishing campaign.

Seeking to deceive former Bittrex customers into divulging their credentials, the perpetrators lured targets with the promise of accessing remaining funds before they were forfeited. The attackers employed various tactics to make their emails appear genuine—including using a legitimate sender email, masking the phishing link, and incorporating actual information from the bankruptcy proceedings.

QR Code Phishing Attacks: New Abnormal Capabilities Launched to Protect Customers From Quishing

QR codes are everywhere in our day-to-day lives, giving us a convenient way to share and receive information. And while these barcodes are intrinsically harmless, unfortunately, they have become another mechanism bad actors can use to launch attacks. In fact, our data shows that 17% of all malicious emails that bypass native spam/junk filters use QR codes.

Earlier this year, Abnormal announced enhanced capabilities to detect QR codes in emails and parse their corresponding links. Learn how cybercriminals exploit QR codes to execute “quishing” attacks and Abnormal’s AI-native detection engine can stop them.

Generative AI Enables Threat Actors to Create More (and More Sophisticated) Email Attacks

By leveraging advanced machine learning techniques, generative AI enables computers to generate original content. The technology has far-reaching applications, many of which can be used for both personal and professional good. But like anything else, bad actors can take advantage of this technology as well—and they are.

The rise of generative AI tools like ChatGPT is lowering the barrier to entry for cybercriminals looking to launch sophisticated attacks. But what does that look like in practice? See three real-life examples of AI-generated threats that we've stopped for our customers, including a credential phishing campaign, an evolution of a traditional BEC scheme, and a vendor fraud attack.

Stopping Vendor Email Compromise in Action: How Abnormal Detected a $36M Attack

A cunning form of deception, vendor email compromise (VEC) exploits the trust established in business transactions—making it a financial minefield for unsuspecting organizations. Even the most cybersecurity-aware employees can find themselves fooled by these advanced threat tactics that lead to lost revenue.

To make matters worse, threat actors have come a long way from their initial BEC scams in which they requested gift cards for the CEO. After all, why get $1000 in Apple iTunes gift cards when you can get millions instead? And no, we're not exaggerating. Abnormal detected and blocked a vendor fraud attack that requested $36 million.

BEC Groups Wage Multilingual Executive Impersonation Attacks Targeting Companies Worldwide

Bad actors targeting companies across various regions and using multiple languages is nothing new. What is new is that this tactic is no longer limited to just sophisticated threat groups with large budgets. With email marketing and translation tools becoming increasingly accurate and accessible, even smaller BEC groups can easily source contact information for new targets and create more believable emails in the target’s native language.

Earlier this year, Abnormal identified two groups using executive impersonation to execute multilingual BEC attacks on companies worldwide. And while BEC isn’t as common as some other attack types, it represents the most expensive threat currently facing organizations internationally.

14 Cybersecurity Influencers to Follow This Year

Given the near-constant emergence of new cyber threats, staying current with the latest cybersecurity trends, industry news, and best practices can be a daunting task. While platforms such as Twitter/X and LinkedIn offer an efficient means of accessing valuable insights in aggregate, the downside is the prevalence of self-proclaimed "cybersecurity experts," which makes it difficult to identify reliable and accurate information sources.

To help make things easier, we've compiled a list of some of the most innovative thought leaders in cybersecurity, each providing a unique perspective on a wide array of topics and consistently sharing valuable content on Twitter/X, LinkedIn, or both.

Introducing CrowdStrike + Abnormal: New Partnership Delivers Joint AI-Based Threat Detection and Response

Email systems and endpoint devices are two of the biggest attack vectors contributing to cybercrime loss. Threat actors constantly refine their strategies to exploit these entry points, launching advanced socially-engineered email attacks that are often so convincing they evade traditional email security solutions.

Rapid detection and response are critical, but security teams too often deal with a sprawl of point solutions that aren’t well integrated. To solve this problem, earlier this year Abnormal and CrowdStrike entered into a strategic partnership to deliver a turnkey solution that gives joint customers more comprehensive against these threats while reducing their security spend and giving their operational productivity a boost.

An Abnormal Vision: From AI-Powered Email Security to Fully AI-Automated Cybersecurity

In late 2018, Abnormal was founded as a radically different approach to email security—one powered by behavioral AI, designed to stop the most egregious threat facing organizations. This AI approach is what makes our email security platform the most effective one on the market and why more than 14% of the Fortune 500 trust us to keep their inboxes secure.

In four short years, we’ve accomplished a lot as a business—growing to 1300+ customers and 500+ employees, innovating our platform and products, and more. This year we achieved one of the greatest milestones we’ve seen to date: surpassing $100M in ARR, making us the world’s second-fastest-growing cybersecurity company behind Wiz.

One of the few constants in cybersecurity is that threat actors will always find new strategies to compromise end users. That’s why Abnormal is dedicated to equipping organizations with the knowledge and tools necessary to address vulnerabilities and maintain a proactive security posture.

Start the new year strong. Schedule a demo and learn more about how Abnormal can help you protect more, spend less, and secure the future.