Abnormal Blog

As spammers become more sophisticated across cloud services, Abnormal is addressing new attacks including this recent malicious calendar invite.

Discover how ChatGPT can be used by threat actors to run business email compromise schemes and other email attacks.

Reduce your risk of a BEC or phishing attack this holiday season by watching out for these email threats.

Cybersecurity expert Ira Winkler discusses risks to cloud email and how to block both inbound email attacks and emerging threats.

Threat group Lilac Wolverine is fine-tuning the art of exploiting people’s willingness to help others in some of the largest gift card attacks we've seen.

This post explores the continuation of the sharp decline in ransomware attacks as well as a few other notable data points from Q3 2022.

Uncovering how threat group Crimson Kingsnake uses third-party impersonation tactics to swindle organizations across the world.

Allowing remote work improves engagement and retention, but it also increases your attack surface. Here’s how to protect your distributed workforce.

Threat group Cobalt Terrapin uses sophisticated impersonation techniques with multiple steps to commit invoice fraud.

Discover how threat group Chiffon Herring leverages impersonation and spoofed email addresses to divert paychecks to mule accounts.

In this attack, threat actors impersonate a teacher to deliver Matanbuchus malware-as-a-service (MaaS) using a Google Drive link.

The number of ransomware attacks continued its downward trend in Q2 2022. Learn why and discover more about ransomware threat actors and targets.

Introducing Abnormal Intelligence—your go-to resource for expert insights into emerging cyber threats and email attack trends.

Understanding the ways cybercriminals execute financial supply chain compromise is key to preventing your organization from falling victim to an attack.

Financial supply chain compromise, a subset of business email compromise (BEC), is on the rise. Learn how threat actors launch these sophisticated attacks.

Executives are no longer the go-to impersonated party in business email compromise (BEC) attacks. Now, threat actors are opting to impersonate vendors instead.

Here’s an in-depth analysis of the 62 most prominent ransomware groups and their activities since January 2020.

See how threat actors used a single mailbox compromise and spoofed domains to subtly impersonate individuals and businesses to coerce victims to pay fraudulent vendor invoices.

Like all threats in the cyber threat landscape, ransomware will continue to evolve over time. This post builds on our prior research and looks at the changes we observed in the ransomware threat landscape in the first quarter of 2022.

Threat actors are posing as businesses and individuals seeking tax preparation services and then providing copies of the Sorillus client remote access tool (RAT).

Actors are now exploiting the customer contact form on websites to bypass email security and encourage BazarLoader downloads.

Looking at the overall volume trends, there have been two main spikes in ransomware activity over the last two years.

As part of our research, we dove into why ransomware has changed and how each variable influences the overall threat of ransomware in distinctly different ways.

New research from the Abnormal Threat Intelligence team shows that ransomware delivery methods have evolved, payouts are growing in frequency and total cost, and there are more malicious actors participating in ransomware than ever before.