chat
expand_more

B Cryptocurrency Donations Attack
Attackers attempt to solicit fraudulent donations via cryptocurrency transfers under the guise of collecting donations for children in Palestine.
Read More
B Bittrex Phishing Attack
Attackers capitalize on the Bittrex bankruptcy by targeting customers with a convincing credential phishing attack.
Read More
B Nigerian Prince
Scams about the Nigerian Prince that promise millions have been around for decades. But they are transitioning, now using ChatGPT and similar tools to seem more convincing.
Read More
VEC attacks blog cover
Discover how one threat actor compromised five vendor organizations to commit the same invoice fraud attack against more than a dozen victims.
Read More
B 5 15 23 Israel BEC
Abnormal research into an advanced Israel-based threat group puts a spotlight on the continuing rise of BEC attacks.
Read More
B 4 28 23 SE Gpng
Discover how real-world attackers abuse compromised personal email accounts to elicit response and realize financial and informational gain.
Read More
B Open Red
Discover how real-world attackers use open redirects to access sensitive data, bypassing traditional secure email gateways.
Read More
B 36 M
Vendor email compromise is expensive. See how Abnormal protected our customer from a $36 million invoice fraud attack.
Read More
B 3 14 23 Fraud
Discover how Abnormal detects and remediates payment fraud and invoice email attacks that bypass secure email gateways (SEGs).
Read More
B 2 28 23 SEG
See how Abnormal protects your organization from advanced attacks occuring outside your email environment and bypassing your SEG.
Read More
B 2 22 23 O Auth
Discover how Abnormal detects the advanced OAuth Phishing attacks that bypass traditional security email gateways.
Read More
SEG
Secure email gateways (SEGs) have proven effective in the past, but they are ineffective against modern social engineering tactics and targeted email threats.
Read More
Spam Blog Cover
As spammers become more sophisticated across cloud services, Abnormal is addressing new attacks including this recent malicious calendar invite.
Read More
B 06 01 22 Stripe Phishing
In this sophisticated credential phishing attack, the threat actor created a duplicate version of Stripe’s entire website.
Read More
B 04 19 22 Facebook Phishing
While phishing emails have long been a popular way to steal Facebook login credentials, we’ve recently seen an increase in more sophisticated phishing attacks.
Read More
Blog university students cover
Higher education institutions continue to be prime targets for attack as cybercrimianls prey on unsuspecting students.
Read More
Blog canadian visa cover
Abnormal Security recently identified a scam aimed at the Canadian electronic travel authorization (eTA) program, which bears a striking resemblance to a long-standing fraud scheme described in our post from several weeks ago targeting TSA travel program applicants.
Read More
Blog calendar invite attack cover
Meeting invites are one of the most common types of emails sent today, so it should come as no surprise that attackers have found a way to manipulate them. Scores of recipients that utilize Abnormal Security recently received emails that contained a .ics attachment—an invitation file commonly used to populate online calendar applications with meeting and event information.
Read More
Blog tsa scam cover
On November 9, 2021, we identified an unusual phishing email that claimed to be from “Immigration Visa and Travel,” inviting the recipient to renew their membership in the TSA PreCheck program. The email wasn’t sent from a .gov domain, but the average consumer might not immediately reject it as a scam, particularly because it had the term “immigrationvisaforms” in the domain. The email instructed the user to renew their membership at another quasi-legitimate-looking website.
Read More
Quishing blog cover
What is unique to this campaign is that these messages contained QR codes offering access to a missed voicemail, handily avoiding the URL scan feature for email attachments present in secure email gateways and native security controls
Read More
Extortion blog cover
Unfortunately, physically threatening extortion attempts sent via email continue to impact companies and public institutions when received—disrupting business, intimidating employees, and occasioning costly responses from public safety.
Read More
Blog attack atlassian cover
Credential phishing links are most commonly sent by email, and they typically lead to a website that is designed to look like common applications—most notably Microsoft Office 365, Google, Amazon, or other well-known...
Read More
Blog yellow skyline
No one wants to receive an email from human resources that they aren’t expecting. After all, that usually means bad news. And when we think there may be bad news, cybersecurity training tends to fall by the wayside. Threat actors know this, and they’re taking advantage of human emotions.
Read More
Blog purple person outline
Identity theft is not a joke, impacting more than 14 million people each year in the United States alone. Over the course of their lifetime, nearly one-third of all people will become victims of identity theft—often as a result of a corporate data breach. Once attackers have access to identifying information like your full name, address, date of birth, and/or social security number...
Read More
 

See the Abnormal Solution to the Email Security Problem

Protect your organization from the full spectrum of email attacks with Abnormal.

See a Demo
 
Integrates Insights Reporting 09 08 22