BEC Archives - Abnormal Security

Subscribe to receive twice-monthly updates of the latest attacks we've detected in the wild:

Business Email Compromise Attacks Increasingly Widespread in August

The fraction of companies receiving BEC (Business Email Compromise) attacks each week increased steadily throughout August, from slightly less than 70% at the beginning of the month to over 99% by August

Read more

Credential Phishing Attack Volume is Comparable to Spam

This is our second installment of a monthly series to surface trends in email attacks. Our installment this month discusses trends we observed in July.

Read more

How Attackers Bypass MFA and Conditional Access to Compromise Email Accounts

Abnormal Security has detected an increase in BEC attacks that successfully compromise email accounts despite multi-factor authentication (MFA) and Conditional Access. While MFA and modern authentication protocols are an important advancement in

Read more

Payment Inquiries: The Precursors to Invoice and Payment Fraud

Abnormal has detected campaigns targeting our customers where malicious actors will impersonate major brands and reach out to accounting teams to ask if there are any outstanding invoices for the company they

Read more

Challenging Verizon’s CIS Control Recommendations for Socially-Engineered Business Email Compromise Attacks

While Verizon’s annual Data Breach Incident Report (DBIR) has always offered recommendations on defense and controls through its findings, this year the report shares formal, standardized security control recommendations to readers. In

Read more

Invoice & Payment Fraud BEC Attacks Are On The Rise

This is our first installment of a monthly series we’re launching to surface trends in email attacks. Our installment this month discusses trends we observed in May.

Read more

Protect Against the Unique Sophistication of Financially Motivated Social Engineering (FMSE) Attacks

Business email compromise (BEC) is a billion-dollar business for threat actors. According to the FBI’s Internet Crime Complaint Center (IC3), BEC scams have led to $26 billion in losses in the last

Read more

The State of Business Email Compromise Q1 2020: Attacks Shift From the C-Suite to Finance

Every day, we track and prevent email security threats for our users, which gives us enormous insight into where and how attackers attempt to infiltrate a business through email.

Read more

What is Business Email Compromise?

According to the FBI’s Internet Crime Complaint Center (IC3) reports, Business Email Compromise (BEC) represents the single greatest cause of financial loss from cybercrime, accounting for more than 50% of all financial

Read more

Phishing Click Rates Decline While Socially-Engineered Attacks Grow

Cyber threats are constantly evolving. Cybersecurity teams are most effective when they deploy defenses that protect against the threats that pose the greatest risk at any given time. Socially-engineered attacks — one

Read more

What Abnormal Security’s Cool Vendor Recognition Says About the Email Security Market

Last week, we were proud to announce that Abnormal Security was named a Gartner Cool Vendor in Cloud Office Security. This is an important recognition for the company as well as a

Read more

ESG Survey Explores Gaps in Business Email Compromise (BEC) Controls in Cloud Email Platforms

To track the history of email security, there’s no better gauge than the FBI Internet Crime Complaint Center (IC3)’s annual Internet Crime Report. Prior to 2015, phishing and spoofing were included among

Read more