chat
expand_more

Keep up with the latest news in cybersecurity with insight from our team of experts.
Blog earth lights
Sophisticated social engineering email attacks are on the rise and getting more advanced every day. They prey on the trust we put in our business tools and social networks, especially when a message appears to be from someone on our contact list, or even...
Read More
Blog blue square building
A recent Amazon phone scam involves cybercriminals sending a fake email from Arnazon. Here's how we detected it.
Read More
Blog healthcare ceiling
Healthcare continues to be a preferred method for cyber attacks, and this attack features an impersonation of UnitedHealthcare in the form of a request for a claim. The email appears to originate from notifications@e-notifications.myuhc.com, which is an authorized...
Read More
Blog machine learning orb
Jesh Bratman, a founding member at Abnormal Security and Head of Machine Learning, was just featured on The Tech Trek’s podcast. Jesh deeps-dives into his past, building ML systems to detect abusive behavior at Twitter, and how he used this background to transition...
Read More
Blog black white abstract lines
Recently, there has been a rise in scam emails demanding recipients to pay a ransom with bitcoin, or else the personal information attackers have gathered about the recipient will be released to the public. The means by which attackers have obtained this information...
Read More
Blog pointy leaf
Sending fraudulent purchase orders for goods and services is a common tactic attackers use to receive free merchandise. In this attack, attackers are impersonating the United States Transportation Command Office of Small Business Programs and sending an RFQ in...
Read More
Blog door arches
When Abnormal Security was founded, our engineering and data science teams were focused on solving the toughest—and most expensive—email security problem for enterprises: business email compromise, or BEC. Fast-forward to today and Abnormal serves some of the largest enterprises...
Read More
Blog black twirl building
As bitcoin and other cryptocurrencies become increasingly popular, attackers are taking advantage. This attack leverages bitcoin to fool early adopters of cryptocurrency with BTC Era into paying for what they believe is an investment, but is really a guise...
Read More
Blog light stairs
With unemployment on the rise, attackers are exploiting individuals in search of new positions. This method makes use of targeted social engineering techniques, combining email and mobile platforms, to reap information from victims. In this attack, malicious actors...
Read More
Blog basic office building
Compromised accounts are commonly used by cybercriminals to send additional attacks because they appear to originate from a trustworthy source—typically a known partner or customer, or a known coworker within the organization. In this attack, the account was first...
Read More
Blog modern office
Abnormal recently detected campaigns targeting our customers where malicious actors will impersonate major brands and reach out to accounting teams to ask if there are any outstanding invoices for the company they are impersonating. Abnormal classifies these messages...
Read More
Blog yellow microsoft
Skype is used prolifically in both casual and business settings. As a result of its affiliation with Microsoft, it is a popular choice for attackers to impersonate in order to trick victims into handing over their Microsoft credentials. In these attacks, the sender...
Read More
Blog circle spot building
SharePoint is an increasingly popular tool for Microsoft users, especially in a time when millions of employees are working remotely. In this attack, malicious actors make use of an automated message from Sharepoint to send phishing emails. This attack...
Read More
Blog purple building
Microsoft provides security alerts in the case of fraudulent logins on user accounts. Users are usually able to trust these emails due to the source being from a trusted brand. And because the email relates to account security, the recipient may unconsciously trust...
Read More
Blog circular downward
Microsoft Office offers one-time purchase and subscription plans and has numerous official resellers for its products. Scammers use this fact as an opportunity to impersonate Microsoft and their resellers in order to steal sensitive user data, as well as for...
Read More
Blog blue semi circles
Office 365 and its associated apps (Excel, PowerPoint, Word, and Outlook) are an integral business tool for many organizations. Hackers consistently target the Microsoft accounts of employees, as these accounts are linked to a treasure trove of...
Read More
Blog green surveymonkey
SurveyMonkey is a survey service that is normally used to host legitimate surveys. However, sometimes attackers will utilize file sharing and surveying sites like SurveyMonkey to host redirect links to a phishing webpage. By using these legitimate services...
Read More
Blog purple building
Social media access can provide a lens into other parts of a person's life, making Facebook and Twitter unique when it comes to credential phishing campaigns. In this attack, cybercriminals targeted a specific individual who works at an organization that heavily...
Read More
Blog green stars
Abnormal Security has observed attackers impersonating major social media platforms like Instagram, Facebook, and Twitter to steal the login credentials of employees at enterprise organizations. In the past two months, we have seen a 60% increase for several organizations...
Read More
Blog yellow calendar
Financial institutions are common targets for attackers because of the amount of money in their control. Access to a user’s sensitive information would allow an attacker to commit identity theft, as well as steal any money associated with the account. Many of...
Read More
Blog stairs circle
Cyber threats are constantly evolving. Cybersecurity teams are most effective when they deploy defenses that protect against the threats that pose the greatest risk at any given time. Socially-engineered attacks—one of the most financially damaging threats...
Read More
Blog purple blue burst
As the COVID-19 pandemic continues, governments worldwide are providing relief funds for small business owners impacted by lockdowns and closures. This allows attackers to exploit current efforts by the government, particularly since applicants to these funds...
Read More
Blog orange desert line
Due to the transition to remote work during the COVID-19 pandemic, corporations have become more concerned about online security and privacy. Companies rely on VPNs to connect remote employees to vital company servers, as well as to provide secure...
Read More
Blog yellow neon sign
Due to recent quarantine restrictions, companies have moved to online collaboration software and cloud-based applications. Despite the benefits of convenience and increased productivity from the use of cloud computing services, user accounts for these services...
Read More

Get AI Protection for Your Human Interactions

Protect your organization from socially-engineered email attacks that target human behavior.
Request a Demo
Request a Demo