Subscribe to receive twice-monthly updates of the latest attacks we've detected in the wild:

Unsuspecting School District Faculty Targeted by Credential Theft Campaign

No one wants to receive an email from human resources that they aren’t expecting. After all, that usually means bad news. And when we think there may be bad news, cybersecurity training

Read more

Chief Human Resources Officer Impersonated in Identity Theft Scheme

Identity theft is not a joke, impacting more than 14 million people each year in the United States alone. Over the course of their lifetime, nearly one-third of all people will become

Read more

University Students Targeted by Credential Phishing Campaign

With school starting this month, cybercriminals are back in action—targeting university students in an attempt to steal valuable personal information. In a recent attack uncovered by Abnormal, a credential phishing attacker used

Read more

Tax-Related Email Attacks Set to Spike in May

Recent email attacks detected by Abnormal Security, combined with an analysis of historical attack data, indicate that email attacks related to federal taxes are likely to spike in the coming weeks in

Read more

RFQ Scam

In this attack, attackers disguise harmful malware as a “request for quote” (RFQ) to encourage recipients to download dangerous files.

Read more

IRS Impersonation

IRS email impersonations are widespread across all industries. These attacks vary in scale and victim, targeting both individuals and companies as a whole. This particular attack follows the growing trend of utilizing

Read more

Vendor Spoofing Invoice Attack

In this attack, the attacker impersonates a known partner of the company and inquires about a pending invoice payment.

Read more

Covid Report from Microsoft Phishing Attack

In this attack, attackers impersonate a company’s Human Resources department by sending out a COVID-19 scan via a look-a-like Microsoft O365 email.

Read more

Crypto Wallet Impersonation

In the midst of uncertainty during this period of time, one thing that has consistently made headlines is high-profile data breaches. With serious attacks continuously underway, there has been a heightened sense

Read more

Google Mail Merge Impersonation

In this attack, credential phishing attackers send urgent impersonated account messages to trick recipients into giving up their credentials.

Read more

PPP Extended Coverage Phishing

In this attack, attackers impersonate a message from the United States government, claiming to provide information on the Paycheck Protection Program in an attempt to steal valuable credentials. Quick Summary of Attack

Read more

LinkedIn Identity Theft

In this attack, the attacker impersonates a policy change notification from LinkedIn in order to steal highly confidential information such as the victim’s social security number. Quick Summary of Attack Target Platform:

Read more