Abnormal Blog

Discover how attackers exploit vendor relationships for credential phishing and how Abnormal Security’s AI-driven defense stops these attacks in real time, preventing account takeovers and minimizing risk.

Discover how Dropbox was exploited in a sophisticated phishing attack that leveraged AiTM tactics to steal credentials during the open enrollment period.

Explore how attackers exploit rewritten URLs to gain unauthorized access, highlighting traditional security vulnerabilities and the need for modern tools.

Explore how advanced email threats can slip past common security measures and why a proactive, pre-delivery defense is essential in combating them.

Discover how Abnormal Security detected a sophisticated phishing attack that evaded both Proofpoint and DarkTrace, and learn how it outperforms traditional solutions in combating modern email threats.

In the second installment of our quarterly look-back at malicious emails, we examine 5 more recent noteworthy attacks detected and stopped by Abnormal.

Attackers attempt to steal payment information by posing as UPS and FedEx and sending fake shipment notifications about a pending delivery.

Attackers attempt to steal sensitive information using a fraudulent electronic signature request for a nonexistent NDA and branded phishing pages.

Discover how threat actors are creating more sophisticated attacks utilizing lookalike domains and new personas, and learn how Abnormal can detect these attacks.

The impending arrival of Tax Day always brings a surge in email attacks aimed at exploiting the stress and anxiety associated with April 15.

Take a look at five of the most unique and sophisticated email attacks recently detected and stopped by Abnormal.

A recent nation-state actor attack by the Russian-backed threat group Midnight Blizzard infiltrated Microsoft. Discover how Abnormal can protect you from account takeovers in real time.

Explore the intricacies of this BazarCall phishing attack that uses a Google Form for heightened authenticity.

This Disney+ scam email uses brand impersonation and personalization to send a convincing fake subscription charge notice.

Attackers attempt to solicit fraudulent donations via cryptocurrency transfers under the guise of collecting donations for children in Palestine.

Attackers capitalize on the Bittrex bankruptcy by targeting customers with a convincing credential phishing attack.

Scams about the Nigerian Prince that promise millions have been around for decades. But they are transitioning, now using ChatGPT and similar tools to seem more convincing.

Discover how one threat actor compromised five vendor organizations to commit the same invoice fraud attack against more than a dozen victims.

Abnormal research into an advanced Israel-based threat group puts a spotlight on the continuing rise of BEC attacks.

Discover how real-world attackers abuse compromised personal email accounts to elicit response and realize financial and informational gain.

Discover how real-world attackers use open redirects to access sensitive data, bypassing traditional secure email gateways.

Vendor email compromise is expensive. See how Abnormal protected our customer from a $36 million invoice fraud attack.

Discover how Abnormal detects and remediates payment fraud and invoice email attacks that bypass secure email gateways (SEGs).

See how Abnormal protects your organization from advanced attacks occuring outside your email environment and bypassing your SEG.