Keep up with the latest news in cybersecurity with insight from our team of experts.
All Blog Posts
Blog black clock
For SOC analysts, managing an employee-reported phishing mailbox can be a double-edged sword. On one hand, legacy tools have made it easy for employees to report would-be business email compromise (BEC) and credential phishing emails. On the other hand...
Read More
Blog white building sky
Although tax season has passed, IRS impersonation scams persist, putting many Americans at risk for identity theft and payment fraud. In this attack, scammers impersonate the IRS by sending out a fake tax form to collect valuable personal and financial information.
Read More
Blog white lines
Threat researchers at Abnormal Security recently discovered a coordinated spear-phishing campaign targeting numerous enterprise organizations. The attackers compromised hundreds of legitimate accounts and are sending emails...
Read More
Blog center lights
Attackers often attempt to emulate common emails that employees receive and which might give them access to the information they seek. In this case, attackers leverage the tech stack migrations that happen at enterprises in order to steal Microsoft Office 365 credentials.
Read More
Blog green quickbooks
Quickbooks is popular accounting software that also supports the management of essential business functions such as payroll, billing, and invoicing. Its widespread use, especially among small businesses, has made it a target for impersonation...
Read More
Blog city sunrise
With many employees forced to work from home because of COVID-19, cybercriminals can take advantage of the fear and uncertainty caused by the pandemic. This attack features a new phishing scheme around returning to the office. Despite (or perhaps because of) the rise in COVID-19...
Read More
Blog scales building
On October 21st, 2020, just two weeks before the US general election, many voters in Florida received threatening emails purportedly from the “Proud Boys." These attacks often included some personal information like an address or phone number, threatened violence...
Read More
Blog multi tenant criss
Abnormal Abuse Mailbox from Abnormal Security is a product that is designed to collect, collate, and automate the handling of phishing, spam, and other user-reported messages. With Abnormal Abuse Mailbox, SOC teams report saving multiple hours each day...
Read More
Blog white circular sky
At Abnormal Security, one of our key objectives is to build a detection engine that can continuously adapt to a changing attack landscape. As such, we want to ensure that our systems can rapidly adjust to recent and high-value messages—even with...
Read More
Blog logo wavy lines
When we founded Abnormal Security more than two and a half years ago, we met with 50 top CIOs and CISOs who told us two things: they needed a solution to stop a novel set of cyberattacks that increasingly bypassed legacy email security solutions, and they needed it...
Read More
Blog earth lights
Sophisticated social engineering email attacks are on the rise and getting more advanced every day. They prey on the trust we put in our business tools and social networks, especially when a message appears to be from someone on our contact list, or even...
Read More
Blog gray poles
The IRS has long been a popular target for impersonation by attackers. This email highlights a more sophisticated IRS impersonation, where a targeted attack is sent from a spoofed sender domain to collect fraudulent payment from the victim.
Read More
Blog blue square building
A recent Amazon phone scam involves cybercriminals sending a fake email from Arnazon. Here's how we detected it.
Read More
Blog healthcare ceiling
Healthcare continues to be a preferred method for cyber attacks, and this attack features an impersonation of UnitedHealthcare in the form of a request for a claim. The email appears to originate from notifications@e-notifications.myuhc.com, which is an authorized...
Read More
Blog machine learning orb
Jesh Bratman, a founding member at Abnormal Security and Head of Machine Learning, was just featured on The Tech Trek’s podcast. Jesh deeps-dives into his past, building ML systems to detect abusive behavior at Twitter, and how he used this background to transition...
Read More
Blog black white abstract lines
Recently, there has been a rise in scam emails demanding recipients to pay a ransom with bitcoin, or else the personal information attackers have gathered about the recipient will be released to the public. The means by which attackers have obtained this information...
Read More
Blog pointy leaf
Sending fraudulent purchase orders for goods and services is a common tactic attackers use to receive free merchandise. In this attack, attackers are impersonating the United States Transportation Command Office of Small Business Programs and sending an RFQ in...
Read More
Blog door arches
When Abnormal Security was founded, our engineering and data science teams were focused on solving the toughest—and most expensive—email security problem for enterprises: business email compromise, or BEC. Fast-forward to today and Abnormal serves some of the largest enterprises...
Read More
Blog yellow circular building
The median number of credential phishing attacks received by organizations increased 25% in July over the previous month, continuing a trend of rising phishing attacks. Credential phishing is the second most common attack type behind spam. Since February, the volume...
Read More
Blog black twirl building
As bitcoin and other cryptocurrencies become increasingly popular, attackers are taking advantage. This attack leverages bitcoin to fool early adopters of cryptocurrency with BTC Era into paying for what they believe is an investment, but is really a guise...
Read More
Blog light stairs
With unemployment on the rise, attackers are exploiting individuals in search of new positions. This method makes use of targeted social engineering techniques, combining email and mobile platforms, to reap information from victims. In this attack, malicious actors...
Read More
Blog basic office building
Compromised accounts are commonly used by cybercriminals to send additional attacks because they appear to originate from a trustworthy source—typically a known partner or customer, or a known coworker within the organization. In this attack, the account was first...
Read More
Blog orange wavy wall
Abnormal Security has detected an increase in business email compromise (BEC) attacks that successfully compromise email accounts, despite multi-factor authentication (MFA) and Conditional Access. While MFA and modern authentication protocols...
Read More
Blog modern office
Abnormal recently detected campaigns targeting our customers where malicious actors will impersonate major brands and reach out to accounting teams to ask if there are any outstanding invoices for the company they are impersonating. Abnormal classifies these messages...
Read More
Demo 2x 1

See the Abnormal Solution to the Email Security Problem

Protect your organization from the attacks that matter most with Abnormal Integrated Cloud Email Security.