Blog - Page 7 of 7 - Abnormal Security

Subscribe to receive twice-monthly updates of the latest attacks we've detected in the wild:

ESG Survey Explores Gaps in Business Email Compromise (BEC) Controls in Cloud Email Platforms

To track the history of email security, there’s no better gauge than the FBI Internet Crime Complaint Center (IC3)’s annual Internet Crime Report. Prior to 2015, phishing and spoofing were included among

Read more

Abnormal Attack Stories #4: Coronavirus Phishing Attacks

In this attack, attackers are impersonating the CDC in order to trick victims into clicking a link which ostensibly lists cases in their area, but which actually leads to a landing page

Read more

Abnormal Attack Stories #3: O365 Takeover Without Stealing Credentials

Quick Summary: Platform: Office 365 Mailboxes: Between 10,000 and 15,000 Email Gateway: None Email Security Bypassed: Office 365 Victims: Internal Employees Payload: Office 365 App Technique: Brand Impersonation What was the attack?

Read more

Abnormal Attack Stories #2: Microsoft Impersonation => Phishing + MFA Bypass

Quick Summary: Platform: Office 365 Mailboxes: 2,500 to 5,000 Email Gateway: None Email Security Bypassed: Microsoft ATP Victims: IT Administrators Payload: Link Technique: Vendor Impersonation What was the attack? Setup: The attacker

Read more

Abnormal Attack Stories #1: Executive Impersonation and Vendor Invoice Fraud

Quick Summary: Platform: Office 365 Mailboxes: >50,000 Email Gateway: IronPort Email Security Bypassed: ATP Victims: Accounting Employee Payload: Invoice attachment Technique: Executive Impersonation What was the attack? Setup: The attacker posed as

Read more