Q2 2022 in Review: Abnormal Moments You May Have Missed

At Abnormal Security, we’re committed to being a valuable partner to the cybersecurity community. Along with providing technology that helps organizations protect their workforce from modern email attacks, we continually share content on the topics that matter most to security professionals. Our blog posts explore current trends, provide insights on the latest data, and offer actionable advice from industry experts.

With constantly evolving threats and new intelligence available almost daily, we’ve been publishing quite a bit lately. We want to make sure you have the opportunity to read all of the news and insights that can help you better safeguard your organization against advanced attacks.

Here are a handful of posts from the last few months we wanted to highlight.

According to the FBI, successful phishing attacks have increased by 34% in the last year, making it the most common email threat organizations face. On top of that, Abnormal data shows that 77% of all advanced email attacks contain a phishing link.

Phishing emails can open the door to more damaging and costly cybercrimes, which means it's critical to stop them before they reach employee inboxes. Learn why phishing emails are so dangerous and what you can do to stop them.

Read "Tackling the Increasing Threat of Phishing" >>

Secure email gateways (SEGs) were built to block traditional email attacks that contain known indicators of compromise within on-premises environments. But modern attacks don’t contain these traditional indicators, and more organizations adopt cloud-based email every day.

With high-impact email attacks on the rise, relying on a SEG could be doing more harm than good, providing your team with a false sense of security. See why SEGs can’t block advanced attacks in this webinar recap featuring Hunter Hogan from Microsoft.

Read "Blocking the Advanced Attacks Your SEG Never Could" >>

In a supply chain compromise attack, a threat actor either uses a compromised vendor email account or impersonates an external third party to redirect the flow of company funds. Supply chain compromise attacks are specifically designed to bypass traditional email security and can cause substantial financial loss.

Our research uncovered some startling statistics about these email attacks and the growing risk they pose. Learn why these attacks represent a significant threat to organizations of all sizes.

Read "New Research Shows 67% Chance of Financial Supply Chain Compromise Attack" >>

Ransomware actors have proven that they're focused on one thing: making money in whatever way possible. Ransomware continues to be a significant threat vector across all industries and countries, and threat actors are targeting organizations with annual revenue as low as $8 million.

We took a close look at the ransomware ecosystem and analyzed some of the most high-profile groups of the past two years. Discover more about the 62 most prominent ransomware groups and their activities since January 2020.

Read "A Deep Dive into Active Ransomware Groups" >>

While the core elements of most credential phishing attacks have stayed consistent throughout the 2000s, the ways modern cybercriminals approach creating phishing sites are becoming increasingly more elaborate.

In a recent attack, the threat actor leveraged a man-in-the-middle framework—capable of displaying live content and bypassing multifactor authentication—to recreate Stripe’s entire website to steal login credentials. See how it was executed and how Abnormal was able to stop it.

Read "Stripe Website Impersonated in Credential Phishing Attack" >>

In addition to our blog, we have a wealth of guides, white papers, on-demand webinars, and more available in our Resource Center—like our latest threat intelligence report, From CEO Fraud to Vendor Fraud: The Shift to Financial Supply Chain Compromise.

Starting in January 2022, vendor impersonation outranked executive impersonation in business email compromise attacks, and that trend has continued each month since. Find out why this is the case (hint: you only have one CEO but hundreds of vendors!) and get insight into the four most common types we've noticed. Download the report now.

Sign up for our blog newsletter to get the latest posts delivered to your inbox. Just enter your email address in the dark green box on the right side of the page to subscribe.