Q1 2023 in Review: 7 Must-Read Blog Posts from Abnormal

At Abnormal, we recognize that to be a true partner to the cybersecurity community, we need to be more than just a solutions provider.

That’s why, in addition to developing technology that stops the full spectrum of email attacks and offers direct visibility into security posture, we consistently publish content that features the kinds of insights and advice security leaders need to keep their organizations safe from threat actors.

Given the constant evolution of threats and the availability of new intelligence almost every day, we’ve been sharing quite a bit of content lately. We wanted to make sure that you have the opportunity to read through the most recent news and updates, which is why we've gathered a few posts from the last quarter that you might have missed.

Phishing Attacks Pose as Updated 2023 HR Policy Announcements

Just like we see cybercriminals leverage the holidays to add more temporally-relevant context to their attacks, research from the Abnormal Intelligence team shows that threat actors are shifting tactics to take advantage of organizational changes that happen at the start of the year.

In two attacks stopped by Abnormal, threat actors impersonated HR and sent emails claiming to contain resources related to new benefits and employee handbook updates—which were actually phishing links and attachments to steal employee credentials.

Bypassing SEGs with Multi-Step Phishing: A Real-World Example

Secure email gateways, or SEGs, were once useful preventative tools to stop attacks targeting organizations. And while SEGs are effective at blocking common email threats with known indicators of compromise, they are ineffective against more sophisticated, never-before-seen attacks and the social engineering tactics used by modern threat actors. In short, advanced attacks require advanced protection.

Discover more about the gaps present in the protection offered by secure email gateways and how threat actors are finding innovative ways to bypass these systems.

28% of BEC Attacks Opened by Employees, New Data Shows

Your employees are your greatest asset. They’re also your greatest cybersecurity liability. And when it comes to email attacks, the odds are stacked against them.

According to our latest email threat report, employees open a whopping 28% of all BEC attacks and of those, they respond to 15% of them. And if you think that your phishing button is working, we have bad news. Only 2.1% of all attacks are ever reported. Making matters worse: of the emails reported, 84% of them are safe or graymail.

Key Takeaways from the 2023 Gartner Market Guide for Email Security

Because email wasn’t originally designed with security in mind, it remains inherently vulnerable to deception and social engineering attacks. When so much of your operations depend on email, how do you protect this vital communications channel?

The 2023 Gartner Market Guide for Email Security examines how new solutions can address the modern email security challenges you're likely experiencing. But if you're too busy fighting email threats to read a lengthy report, we've collected the major points and dove into the key takeaways in our recap blog post.

2022 FBI IC3 Report Shows $2.7 Billion in Losses from Business Email Compromise

It’s that time of year once again: the FBI has released the latest edition of its annual Internet Crime Report.

One major takeaway? Total losses from business email compromise attacks topped $2.7 billion—a year-over-year increase of 14.5%. What’s more, that $2.7 billion represents a full 25% of all losses reported to the FBI IC3. Ransomware attacks might be what makes the biggest headlines, but year after year it’s business email compromise that remains a leading culprit for massive financial losses.

Addressing Cybersecurity Threats Associated with the SVB Closure

If there’s one guarantee in cybersecurity, it’s that threat actors love to capitalize on the disruption created by unexpected major events. And with the shuttering of Silicon Valley Bank (SVB), cybercriminals have been out in full force.

The SVB closure represents a near-perfect opportunity for threat actors to engage in a myriad of email attacks—from BEC and VEC to phishing and payment fraud. Learn why this is the case as well as practical ways you can reduce your organization’s risk.

Stopping Vendor Email Compromise in Action: How Abnormal Detected a $36M Attack

Vendor email compromise attacks are highly successful because they exploit the trust and existing relationships between vendors and customers through personalization and social engineering. And threat actors have come a long way from just requesting gift cards for the CEO.

After all, why get $1000 in Apple iTunes gift cards when you can get millions instead? And no, we're not exaggerating. Abnormal recently detected and blocked an invoice scam that requested $36 million. And worst of all, this attack was nearly undetectable to the average recipient.

With new cyber threats emerging almost daily, staying up to date on the latest cybersecurity trends, industry news, and best practices can be challenging and time-consuming. To help make it easier, sign up for our newsletter to get the latest Abnormal blog posts delivered right to your inbox.