All Blog Posts
B 10 3 22 Cobalt Terrapin Blog
Threat group Cobalt Terrapin uses sophisticated impersonation techniques with multiple steps to commit invoice fraud.
Read More
B Back to School
Discover how threat group Chiffon Herring leverages impersonation and spoofed email addresses to divert paychecks to mule accounts.
Read More
B 08 18 22 Matanbuchus Malware Blog
In this attack, threat actors impersonate a teacher to deliver Matanbuchus malware-as-a-service (MaaS) using a Google Drive link.
Read More
B 1500x1500 Q2 2022 Ransomware Landscape
The number of ransomware attacks continued its downward trend in Q2 2022. Learn why and discover more about ransomware threat actors and targets.
Read More
B 07 14 22 4types
Understanding the ways cybercriminals execute financial supply chain compromise is key to preventing your organization from falling victim to an attack.
Read More
B 07 07 22 Financial Supply Chain Compromise
Financial supply chain compromise, a subset of business email compromise (BEC), is on the rise. Learn how threat actors launch these sophisticated attacks.
Read More
B 06 21 22 Threat Intel blog
Executives are no longer the go-to impersonated party in business email compromise (BEC) attacks. Now, threat actors are opting to impersonate vendors instead.
Read More
B 05 27 22 Active Ransomware Groups
Here’s an in-depth analysis of the 62 most prominent ransomware groups and their activities since January 2020.
Read More
B 05 17 22 Impersonation Attack
See how threat actors used a single mailbox compromise and spoofed domains to subtly impersonate individuals and businesses to coerce victims to pay fraudulent vendor invoices.
Read More
B 05 03 22
Like all threats in the cyber threat landscape, ransomware will continue to evolve over time. This post builds on our prior research and looks at the changes we observed in the ransomware threat landscape in the first quarter of 2022.
Read More
B 04 05 22 RAT
Threat actors are posing as businesses and individuals seeking tax preparation services and then providing copies of the Sorillus client remote access tool (RAT).
Read More
Blog bazarloaders cover
Actors are now exploiting the customer contact form on websites to bypass email security and encourage BazarLoader downloads.
Read More
Blog ransomware victims cover
Looking at the overall volume trends, there have been two main spikes in ransomware activity over the last two years.
Read More
Blog driviing factors cover
As part of our research, we dove into why ransomware has changed and how each variable influences the overall threat of ransomware in distinctly different ways.
Read More
Ransomware victim blog cover
New research from the Abnormal Threat Intelligence team shows that ransomware delivery methods have evolved, payouts are growing in frequency and total cost, and there are more malicious actors participating in ransomware than ever before.
Read More
Blog west african cybercrime cover
When the typical person thinks about cybercrime, they may think of ransomware or identity theft, or perhaps the ubiquitous Nigerian prince scams targeting their unsuspecting grandmother
Read More
Blog tsa scam cover
On November 9, 2021, we identified an unusual phishing email that claimed to be from “Immigration Visa and Travel,” inviting the recipient to renew their membership in the TSA PreCheck program. The email wasn’t sent from a .gov domain, but the average consumer might not immediately reject it as a scam, particularly because it had the term “immigrationvisaforms” in the domain. The email instructed the user to renew their membership at another quasi-legitimate-looking website.
Read More
Blog tiktok attack cover
As major social media platforms have expanded the ability of creators to monetize their content in the last few years, they and their users have increasingly found themselves the targets of malicious activity. TikTok is now no exception.
Read More
Blog yellow ransomware screen
On August 12, 2021, we identified and blocked a number of emails sent to Abnormal Security customers soliciting them to become accomplices in an insider threat scheme. The goal was for them to infect their companies’ networks with ransomware. These emails allege to come from someone with ties to the DemonWare ransomware group.
Read More
0
Demo 2x 1

See the Abnormal Solution to the Email Security Problem

Protect your organization from the attacks that matter most with Abnormal Integrated Cloud Email Security.