Abnormal Blog

Identity theft is not a joke, impacting more than 14 million people each year in the United States alone. Over the course of their lifetime, nearly one-third of all people will become victims of identity theft—often as a result of a corporate data breach. Once attackers have access to identifying information like your full name, address, date of birth, and/or social security number...

Finding messages and purging them within a few clicks is a top priority for many of our customers. We’re pleased to announce that our new Search and Respond feature, designed to solve for this use case, is now available.

Security is now a $10 billion business for Microsoft, and the company is a leader in five Gartner Magic Quadrants—access management, endpoint management tools, cloud access security brokers, enterprise information archiving, and endpoint protection platforms. This validation proves that their customers...

On August 12, 2021, we identified and blocked a number of emails sent to Abnormal Security customers soliciting them to become accomplices in an insider threat scheme. The goal was for them to infect their companies’ networks with ransomware. These emails allege to come from someone with ties to the DemonWare ransomware group.

With school starting this month, cybercriminals are back in action—targeting university students in an attempt to steal valuable personal information. In a recent attack uncovered by Abnormal, a credential phishing attacker used a legitimate email account and created false urgency to steal student credentials through a phishing website.

In engineering teams, there’s a mythical concept of a “10x engineer”— engineers who have 10x more impact and responsibility than the average engineer. Do these engineers actually exist? Is this a myth, or a possibility that engineers can realistically aim to become?

Business email compromise (BEC) is the most significant cybersecurity threat to enterprise organizations, with $1.8 billion in reported losses in 2020 alone. This type of email attack occurs when a cybercriminal uses social engineering to impersonate a trusted contact...

Over the last three years building our ML-based cybersecurity products at Abnormal Security, I’ve benefitted enormously from discussions with colleagues in the ML space. This podcast aims to make some of those conversations available. In our second episode of Abnormal Engineering Stories...

It’s one thing to add machine learning and artificial intelligence features to an existing software platform. It’s quite another to build an entire company like Abnormal Security around machine learning technology, and to provide practical, everyday value to enterprise organizations.

Abnormal Security saw a significant increase in attacker activity in May 2021. Advanced email threats rose across virtually all industry sectors, with the median rate of advanced email-based attacks increased by 64% between the first and last weeks of May. The bulk...

As VP of Engineering here at Abnormal Security, I’ve had numerous conversations with our team, venture capitalists, and external engineering leaders about the challenges of building and leading engineering teams. Building applied machine learning products at scale requires solving a wide range of challenges...

The threat actor behind the SolarWinds attack, the Russian-based Nobelium, has orchestrated another successful vendor email compromise attack, this time targeting the United States Agency for International Development (USAID). According to Microsoft’s...

If you’re a podcast fan and haven’t subscribed to Masters of Scale yet, I’d highly recommend it. Reid Hoffman, one of the most successful entrepreneurs and investors of our time—cofounder of LinkedIn and investor in companies like Facebook, Airbnb, and Zynga—is the host, and he shares...

As the details emerge on the ransomware attack that sent a major U.S. oil pipeline operated by Colonial Pipeline offline for a week, what we do know is that the likelihood the attack emerged from a malicious phishing email attack is extremely high. Earlier this week...

Our ML pipeline powers a detection engine that catches the most advanced email attacks. These attacks are not only extremely rare, but also change over time in an adversarial way. Since we require both high precision and high recall, and the cost of any error is severe, it is essential...

Recent email attacks detected by Abnormal Security, combined with an analysis of historical attack data, indicate that email attacks related to federal taxes are likely to spike in the coming weeks in advance of the May 17th filing deadline. Tax-related attacks in 2021 have followed a...

A request for quote (RFQ) continues to increase in popularity as an attack type, as vendors are likely to open the attachments or click the links associated with these types of email. In this attack, attackers disguise harmful malware as a RFQ...

If an advanced attack finds its way into an employee’s inbox, you hope that they remember their security and awareness training and do not engage with it. However, there is always the risk that they engage with the message—clicking a...

Machine learning engineering is hard, especially when developing products at high velocity, as is the case for us at Abnormal Security. Typical software engineering lifecycles often fail when developing ML systems.

Developing a machine learning product for cybersecurity comes with unique challenges. For a bit of background, Abnormal Security’s products prevent email attacks—think credential phishing, business email compromise, and malware—and also...

You’ll find similar characteristics in BEC that you will in VEC. A common trait of BEC is it does not contain malware or malicious URLs, and due to that technique, it is able to bypass conventional email security measures like SEGs. BEC relies...

IRS email impersonations are widespread across all industries. These attacks vary in scale and victim, targeting both individuals and companies as a whole. This particular attack follows the growing trend of utilizing social engineering strategies for malicious engagement...

To detect account takeovers, Abnormal Security’s machine learning algorithms utilize many factors related to location, devices, and applications. However, until now, much of that information was not exposed to users. In an effort to be as customer-centric as possible...

In a recent post, our Head of Platform & Infrastructure Michael Kralka discussed how Abnormal’s rapid growth has forced us to make our core services horizontally scalable. In-memory datasets that start off small become huge memory...