Abnormal Blog
Abnormal Security
Abnormal Security provides a leading cloud-native email security platform that leverages AI-based behavioral data science to stop socially-engineered and never-seen-before email attacks that evade traditional secure email gateways. Abnormal delivers a fundamentally different approach that precisely detects and protects against the widest range of attacks including phishing, malware, ransomware, social engineering, spam and graymail, supply chain compromise, and internal account compromise. The Abnormal platform delivers inbound email security, internal and external account takeover protection, and full SOC automation.
Learn how a trusted fuel and convenience retailer blocked 2,300+ attacks missed by Proofpoint and reclaimed 300+ employee hours per month by adding Abnormal.
CryptoGrab, a global cryptocurrency affiliate network, has been defrauding users of millions for more than 5 years using phishing emails and other tactics.
Cybercriminals misuse Google services for phishing, ad hijacking, and more. Learn five attack methods and how to protect your accounts.
Discover how Abnormal's AI helped a leading hospital system by detecting 2,181 malicious messages that Proofpoint missed.
See how Abnormal's AI helped a premium hospitality provider detect 1,366 threats missed by Proofpoint and save 766 hours/month in employee productivity.
Cybercriminals use GhostGPT, an uncensored AI chatbot, for malware creation, BEC scams, and more. Learn about the risks and how AI fights back.
Learn how a multinational travel center services provider blocked 1,180+ attacks missed by Proofpoint and reclaimed 450+ SOC hours per month by adding Abnormal.
Learn how attackers use Google Translate's URL redirection for phishing, exploiting Google’s trust to deceive users and bypass security.
Discover how Abnormal's AI reduced this Fortune 500 automotive retailer and transportation services provider's risk, detecting 5,699 attacks Proofpoint missed and saving 105 SOC hours monthly.
A Fortune 500 transportation and logistics leader blocked more than 6,700 attacks missed by Proofpoint and reclaimed 350 SOC hours per month by adding Abnormal to its security stack.
See how Abnormal's AI helped a Fortune 500 insurance provider detect 27,847 threats missed by Proofpoint and save 6,600+ hours in employee productivity.
Learn how phishing kits provide pre-packaged tools for stealing credentials, bypassing MFA, and targeting platforms like Gmail and Microsoft 365.
A Fortune 500 insurance provider blocked 6,454 missed attacks and saved 341 SOC hours per month by adding Abnormal to address gaps left by Proofpoint.
What happened to WormGPT? Discover how AI tools like WormGPT changed cybercrime, why they vanished, and what cybercriminals are using now.
A leading heavy machinery dealer freed up 255 SOC hours and bolstered protection across their 17,000+ mailboxes by switching from Proofpoint to Abnormal.
Global healthcare provider detects 868 missed attacks and saves 13,000+ hours annually after moving from a Proofpoint SEG to Abnormal’s AI-native solution.
A Fortune 500 packaging leader boosted threat detection and saved 6,500+ hours annually by replacing its Proofpoint SEG with Abnormal’s AI-powered solution.
Discover how a leading mortgage lender saved money and stopped more attacks by replacing its Proofpoint SEG with Abnormal’s API-based behavioral AI solution.
A global industrial manufacturer enhanced its email security and operational efficiency by replacing its Proofpoint SEG with Abnormal.
Learn about the recent EchoSpoofing attack that exploited Proofpoint's relay servers and how Abnormal's AI-driven approach provides superior protection against brand impersonation and advanced phishing attacks.
Stay secure by staying informed during the 20th anniversary of Cybersecurity Awareness Month. Explore 10 eye-opening statistics about advanced email attacks.
John Hoyt, CISO at Clemson University, shares his take on the unique cybersecurity challenges of higher education and how Abnormal Security can help.
Watch this short video to learn current trends and key issues in cloud email security, including how to protect your organization against modern threats.
Security is now a $10 billion business for Microsoft, and the company is a leader in five Gartner Magic Quadrants—access management, endpoint management tools, cloud access security brokers, enterprise information archiving, and endpoint protection platforms. This validation proves that their customers...
The threat actor behind the SolarWinds attack, the Russian-based Nobelium, has orchestrated another successful vendor email compromise attack, this time targeting the United States Agency for International Development (USAID). According to Microsoft’s...
As the details emerge on the ransomware attack that sent a major U.S. oil pipeline operated by Colonial Pipeline offline for a week, what we do know is that the likelihood the attack emerged from a malicious phishing email attack is extremely high. Earlier this week...
Recent email attacks detected by Abnormal Security, combined with an analysis of historical attack data, indicate that email attacks related to federal taxes are likely to spike in the coming weeks in advance of the May 17th filing deadline. Tax-related attacks in 2021 have followed a...
A request for quote (RFQ) continues to increase in popularity as an attack type, as vendors are likely to open the attachments or click the links associated with these types of email. In this attack, attackers disguise harmful malware as a RFQ...
If an advanced attack finds its way into an employee’s inbox, you hope that they remember their security and awareness training and do not engage with it. However, there is always the risk that they engage with the message—clicking a...
You’ll find similar characteristics in BEC that you will in VEC. A common trait of BEC is it does not contain malware or malicious URLs, and due to that technique, it is able to bypass conventional email security measures like SEGs. BEC relies...
IRS email impersonations are widespread across all industries. These attacks vary in scale and victim, targeting both individuals and companies as a whole. This particular attack follows the growing trend of utilizing social engineering strategies for malicious engagement...
To detect account takeovers, Abnormal Security’s machine learning algorithms utilize many factors related to location, devices, and applications. However, until now, much of that information was not exposed to users. In an effort to be as customer-centric as possible...
Abnormal Security prides itself on its differentiated technology and superior efficacy when it comes to stopping advanced email attacks. Despite the overwhelming effectiveness of our platform, like all advanced AI systems...
In this attack, attackers impersonate a company's Human Resources department and send a COVID-19 scan via a lookalike Microsoft Office 365 email. The original message to the recipient appears to originate from the company’s internal human resources email address.
When attempting to gain credentials to a Google account, the best brand to impersonate is likely Google. In this account, threat actors sent an urgent account message to trick recipients into inputting their Google credentials, hoping to trick...
The prolific attack on SolarWinds and their partner ecosystem will forever change how we view supply chain security and the role email communication plays in it. As the events and details surrounding the attack continue to unfold, we have learned from the company itself...
The primary value that Abnormal brings to email security is an advanced, ML-based detection system that can extract and analyze thousands of signals, identify patterns, and adapt over time to detect important attacks–without relying exclusively on threat intel or...
In a recent attack uncovered by Abnormal Security, the attacker impersonates LinkedIn to send a malicious attachment that could lead to identity theft. Once the attachment is opened, the victim is asked to put in personal identifying information, including their social security number.
Abnormal Security recently detected two new types of attacks where scammers are targeting victims by redirecting their own Microsoft 365 out-of-office replies as well as read receipts back to them. These tactics indicate attackers are using every available tool and loophole...
PayPal is a well-known money transfer application, used often between friends and family as well as for small businesses. Because PayPal accounts are often linked to credit cards and bank accounts, the company itself is a commonly impersonated brand from attackers...
Because they contain the keys to the financial kingdom and allow attackers direct access to money, banks tend to be some of the most impersonated organizations. In this attack, attackers mimic an automated notification from BB&T in order to steal recipients' online banking...
Attackers impersonated USPS while sending out phishing emails designed to steal payment credentials.
Scammers impersonated the Department of Labor and offered supposed relief funds to phish sensitive and identifying information.
Cybercriminals attempted a phishing scam to access cryptocurrency wallets by impersonating Ledger.
Facebook phishing attacks are popular because users tend to use the same email address and password for other sites. In this attack, the cybercriminal impersonates Facebook to send out a phishing attack using a legitimate Facebook link.
For SOC analysts, managing an employee-reported phishing mailbox can be a double-edged sword. On one hand, legacy tools have made it easy for employees to report would-be business email compromise (BEC) and credential phishing emails. On the other hand...
Although tax season has passed, IRS impersonation scams persist, putting many Americans at risk for identity theft and payment fraud. In this attack, scammers impersonate the IRS by sending out a fake tax form to collect valuable personal and financial information.
Threat researchers at Abnormal Security recently discovered a coordinated spear-phishing campaign targeting numerous enterprise organizations. The attackers compromised hundreds of legitimate accounts and are sending emails...
Quickbooks is popular accounting software that also supports the management of essential business functions such as payroll, billing, and invoicing. Its widespread use, especially among small businesses, has made it a target for impersonation...
With many employees forced to work from home because of COVID-19, cybercriminals can take advantage of the fear and uncertainty caused by the pandemic. This attack features a new phishing scheme around returning to the office. Despite (or perhaps because of) the rise in COVID-19...