Nigerian Ransomware: An Inside Look at Soliciting Employees to Deploy DemonWare

August 19, 2021

On August 12, 2021, we identified and blocked a number of emails sent to Abnormal Security customers soliciting them to become accomplices in an insider threat scheme. The goal was for them to infect their companies’ networks with ransomware. These

Coronavirus Credential Theft

March 13, 2020

In this attack, an attacker is impersonating a university’s “health team” to trick victims into...

Abnormal Security on COVID-19

March 10, 2020

Given uncertainty with COVID-19, I wanted to reach out to personally assure you that Abnormal...

Fake Email Delivery Failure

March 5, 2020

Quick Summary: Platform: Office 365 Mailboxes: Between 1,000 and 5,000 Email Gateway: None Email Security...

ESG Survey Explores Gaps in Business Email Compromise (BEC) Controls in Cloud Email Platforms

February 27, 2020

To track the history of email security, there’s no better gauge than the FBI Internet...

Coronavirus Phishing Attacks

February 14, 2020

In this attack, attackers are impersonating the CDC in order to trick victims into clicking...

Abnormal Attack Stories #3: O365 Takeover Without Stealing Credentials

January 21, 2020

Quick Summary: Platform: Office 365 Mailboxes: Between 10,000 and 15,000 Email Gateway: None Email Security...

Microsoft Impersonation => Phishing + MFA Bypass

January 14, 2020

Quick Summary: Platform: Office 365 Mailboxes: 2,500 to 5,000 Email Gateway: None Email Security Bypassed:...

Executive Impersonation and Vendor Invoice Fraud

January 7, 2020

Quick Summary: Platform: Office 365 Mailboxes: >50,000 Email Gateway: IronPort Email Security Bypassed: ATP Victims:...