Q1 2023 in Review: 7 Must-Read Blog Posts from Abnormal

We wanted to make sure that you have the opportunity to check out the most recent news and updates. Here are a few posts from the last quarter that you might have missed.
March 31, 2023

At Abnormal, we recognize that to be a true partner to the cybersecurity community, we need to be more than just a solutions provider.

That’s why, in addition to developing technology that stops the full spectrum of email attacks and offers direct visibility into security posture, we consistently publish content that features the kinds of insights and advice security leaders need to keep their organizations safe from threat actors.

Given the constant evolution of threats and the availability of new intelligence almost every day, we’ve been sharing quite a bit of content lately. We wanted to make sure that you have the opportunity to read through the most recent news and updates, which is why we've gathered a few posts from the last quarter that you might have missed.

1 Phishing Attacks Pose as Updated 2023 HR Policy Announcements

Phishing Attacks Pose as Updated 2023 HR Policy Announcements

Just like we see cybercriminals leverage the holidays to add more temporally-relevant context to their attacks, research from the Abnormal Intelligence team shows that threat actors are shifting tactics to take advantage of organizational changes that happen at the start of the year.

In two attacks stopped by Abnormal, threat actors impersonated HR and sent emails claiming to contain resources related to new benefits and employee handbook updates—which were actually phishing links and attachments to steal employee credentials.

2 Bypassing SE Gs with Multi Step Phishing A Real World Example

Bypassing SEGs with Multi-Step Phishing: A Real-World Example

Secure email gateways, or SEGs, were once useful preventative tools to stop attacks targeting organizations. And while SEGs are effective at blocking common email threats with known indicators of compromise, they are ineffective against more sophisticated, never-before-seen attacks and the social engineering tactics used by modern threat actors. In short, advanced attacks require advanced protection.

Discover more about the gaps present in the protection offered by secure email gateways and how threat actors are finding innovative ways to bypass these systems.

3 28 of BEC Attacks Opened by Employees New Data Shows

28% of BEC Attacks Opened by Employees, New Data Shows

Your employees are your greatest asset. They’re also your greatest cybersecurity liability. And when it comes to email attacks, the odds are stacked against them.

According to our latest email threat report, employees open a whopping 28% of all BEC attacks and of those, they respond to 15% of them. And if you think that your phishing button is working, we have bad news. Only 2.1% of all attacks are ever reported. Making matters worse: of the emails reported, 84% of them are safe or graymail.

4 Key Takeaways from the 2023 Gartner Market Guide for Email Security

Key Takeaways from the 2023 Gartner Market Guide for Email Security

Because email wasn’t originally designed with security in mind, it remains inherently vulnerable to deception and social engineering attacks. When so much of your operations depend on email, how do you protect this vital communications channel?

The 2023 Gartner Market Guide for Email Security examines how new solutions can address the modern email security challenges you're likely experiencing. But if you're too busy fighting email threats to read a lengthy report, we've collected the major points and dove into the key takeaways in our recap blog post.

5 2022 FBI IC3 Report Shows 2 7 Billion in Losses from Business Email Compromise

2022 FBI IC3 Report Shows $2.7 Billion in Losses from Business Email Compromise

It’s that time of year once again: the FBI has released the latest edition of its annual Internet Crime Report.

One major takeaway? Total losses from business email compromise attacks topped $2.7 billion—a year-over-year increase of 14.5%. What’s more, that $2.7 billion represents a full 25% of all losses reported to the FBI IC3. Ransomware attacks might be what makes the biggest headlines, but year after year it’s business email compromise that remains a leading culprit for massive financial losses.

6 Addressing Cybersecurity Threats Associated with the SVB Closure

Addressing Cybersecurity Threats Associated with the SVB Closure

If there’s one guarantee in cybersecurity, it’s that threat actors love to capitalize on the disruption created by unexpected major events. And with the shuttering of Silicon Valley Bank (SVB), cybercriminals have been out in full force.

The SVB closure represents a near-perfect opportunity for threat actors to engage in a myriad of email attacks—from BEC and VEC to phishing and payment fraud. Learn why this is the case as well as practical ways you can reduce your organization’s risk.

7 Stopping Vendor Email Compromise in Action How Abnormal Detected a 36 M Attack

Stopping Vendor Email Compromise in Action: How Abnormal Detected a $36M Attack

Vendor email compromise attacks are highly successful because they exploit the trust and existing relationships between vendors and customers through personalization and social engineering. And threat actors have come a long way from just requesting gift cards for the CEO.

After all, why get $1000 in Apple iTunes gift cards when you can get millions instead? And no, we're not exaggerating. Abnormal recently detected and blocked an invoice scam that requested $36 million. And worst of all, this attack was nearly undetectable to the average recipient.

Staying One Step Ahead of Attackers

With new cyber threats emerging almost daily, staying up to date on the latest cybersecurity trends, industry news, and best practices can be challenging and time-consuming. To help make it easier, sign up for our newsletter to get the latest Abnormal blog posts delivered right to your inbox.

Sign Up for Abnormal Insights
Q1 2023 in Review: 7 Must-Read Blog Posts from Abnormal

See Abnormal in Action

Get a Demo

Get the Latest Email Security Insights

Subscribe to our newsletter to receive updates on the latest attacks and new trends in the email threat landscape.

Get AI Protection for Your Human Interactions

Protect your organization from socially-engineered email attacks that target human behavior.
Request a Demo
Request a Demo

Related Posts

B Sans Recap 7 11 24
Discover trends among modern SOC teams, including misaligned budgets, increased automation, unsatisfactory AI tools, staffing issues, and more.
Read More
B State and Local Government Attack Trends
Advanced attacks targeting state and local governments are increasing. Discover what our research revealed about this alarming trend.
Read More
B Examining Employee Engagement with Email Attacks
Cybercriminals know that humans are your enterprise's biggest vulnerability and are successfully engaging with your employees at an alarming rate.
Read More
Explore how Abnormal’s AI Security Mailbox enhances cybersecurity by engaging and educating employees with personalized GenAI responses. Improve security awareness and streamline operations.
Read More
B Q2 2024 Attacks
In the second installment of our quarterly look-back at malicious emails, we examine 5 more recent noteworthy attacks detected and stopped by Abnormal.
Read More