Product Solutions Technology About Careers Resources Contact Request Demo
Product Overview Inbound Protection Email Account Compromise SOC Platform Tools Integrations Technology About News Accolades Announcements Events Careers Resources Blog Contact Request Demo Close menu

Blog

Abnormal Security on COVID-19

Given uncertainty with COVID-19, I wanted to reach out to personally assure you that Abnormal Security is proactively working hard to ensure continuous service and ongoing security for your email communications.  The integrity and security of email communications is especially important during uncertain times when more of the workforce may be unavailable and may be …

March 10, 2020

Abnormal Security

Read more

Abnormal Attack Stories #5: Fake Email Delivery Failure

Quick Summary: Platform: Office 365 # Mailboxes: Between 1,000 and 5,000 Email Gateway: None Email Security: Office 365 Victims: Internal Employees Payload: Malicious Link Technique: ABCD What was the attack? Setup: This is an attack that we’re seeing with more frequency. Email delivery failure notices are not uncommon, so this notice wouldn’t look out of …

March 5, 2020

Abnormal Security

Read more

ESG Survey Explores Gaps in Business Email Compromise (BEC) Controls in Cloud Email Platforms

To track the history of email security, there’s no better gauge than the FBI Internet Crime Complaint Center (IC3)’s annual Internet Crime Report. Prior to 2015, phishing and spoofing were included among several other online crimes reported to the bureau, noted as part of Nigerian prince email scams and in footnotes.  It wasn’t until 2015 …

February 27, 2020

Abnormal Security

Read more

Abnormal Attack Stories #4: Coronavirus Phishing Attacks

In this attack, attackers are impersonating the CDC in order to trick victims into clicking a link which ostensibly lists cases in their area, but which actually leads to a landing page which can steal their credentials.

February 14, 2020

Abnormal Security

Read more

Abnormal Attack Stories #3: O365 Takeover Without Stealing Credentials

Quick Summary: Platform: Office 365 # Mailboxes: Between 10,000 and 15,000 Email Gateway: None Email Security: Office 365 Victims: Internal Employees Payload: Office 365 App Technique: Brand Impersonation What was the attack? Setup: The attacker leveraged an Office 365 app which, according to PhishLabs, was created using information stolen from a legitimate organization. This app …

January 21, 2020

Abnormal Security

Read more

Abnormal Attack Stories #2: Microsoft Impersonation => Phishing + MFA Bypass

Quick Summary: Platform: Office 365 # Mailboxes: 2,500 to 5,000 Email Gateway: None Email Security: Microsoft ATP Victims: IT Administrators Payload: Link Technique: Vendor Impersonation What was the attack? Setup: The attacker compromised an existing domain that did not have any bad reputation associated with it (e.g. off-55.tk). The attacker then registered a new domain …

January 14, 2020

Abnormal Security

Read more

Abnormal Attack Stories #1: Executive Impersonation and Vendor Invoice Fraud

Quick Summary: Platform: Office 365 # Mailboxes: >50,000 Email Gateway: IronPort Email Security: ATP Victims: Accounting Employee Payload: Invoice attachment Technique: Executive Impersonation What was the attack? Setup: The attacker posed as an executive at the organization and asked an employee in accounting to pay an invoice, but failed to attach the invoice to the …

January 7, 2020

Abnormal Security

Read more