News

Evan Reiser and Sanjay Jeyakumar do not come from cybersecurity backgrounds. The pair linked up at TellApart, the advertising technology startup that was sold to Twitter for $479 million in the social

Read more

Scammers have tried to rip off computer equipment suppliers with a targeted email that impersonated the Commissioner of the Texas Department of State Health Services (DSHS). Read more in Bleeping Computer.

Read more

Cyber-criminals have tried to receive free goods by posing as the Texas government and emailing out Requests for Quotes (RFQs). The multi-layered email attack, in which threat actors pretended to be from the

Read more

Cloud-based cybersecurity startups have hurdled old industry obstacles like subway turnstile-hoppers. Perhaps none are on a faster express train than a 2-year-old company named Abnormal Security. Read more in Business Insider.

Read more

If you believed 2018 was the summer of scam, think again. As the U.S. has struggled to control the coronavirus outbreak over the past six months of 2020, it’s also been flooded with financial scams.

Read more

Abnormal Security announced a global strategic alliance with Microsoft to deliver comprehensive security solutions to enterprises. Customers can now purchase Abnormal’s security offering directly from Microsoft’s Azure Marketplace. Read more in Help Net Security.

Read more

Microsoft on Monday announced a partnership with Abnormal Security Corp., under which the San Francisco-based email-security startup will move its software onto the tech giant’s Azure cloud. Read more in Wall Street

Read more

Election security is an ever-increasing concern of cybersecurity and government officials. It used to be that voting infrastructure and database security was at the core of the conversation. But since the rise

Read more

Cyber-criminals have been impersonating the well-known Bitcoin BTC ERA trading platform in order to infect users of the online currency with malware, according to new research from Abnormal Security. Read more on

Read more

In a case that highlights how anybody — truly, anybody — can be a victim of invoice fraud, federal officials have reportedly charged two brothers in New York State for an alleged $19 million

Read more

Brand impersonation is a go-to tactic for attackers, especially for credential phishing and BEC attacks COVID-19-themed email attacks, an increase in BEC attack volume and acceleration of payment and invoice fraud, according

Read more

The pandemic may be worsening the situation. Payment and invoice fraud attacks increased 112% in the second quarter of the year, during the coronavirus’s wildfire spread, compared with the first quarter, according

Read more

Multifactor authentication (MFA) is widely regarded as a strong measure for protecting against account takeover attacks. But as with almost any security control, adversaries have devised several ways to bypass it. Read

Read more

Entities should be on the alert for an increase in two business email compromise campaigns. One report found an increase in BEC phishing campaigns targeting the Microsoft Office 365 accounts of executives, while the other

Read more

An uptick in business email compromise attacks is being attributed to successful compromises of multi-factor authentication (MFA) and conditional access controls, according to researchers. While brute-forcing and password spraying techniques are the

Read more

Researchers at Abnormal Security have detected an increase in business email compromise attacks that successfully compromise email accounts despite the use of multi-factor authentication (MFA) and Conditional Access. Read more on BetaNews.

Read more

A phishing lure disguised as a legitimate inquiry by a recruiter for a new job opportunity inserts a malicious template into an attached Word document, which then gathers intelligence on the target,

Read more

Employees using Microsoft Office 365 are targeted in a phishing campaign that makes use of bait messages camouflaged as automated SharePoint notifications to steal their accounts. The phishing emails delivered as part

Read more

Receiving an email request from a co-worker to pay an invoice happens every minute, of every hour, of every day. So do fraudulent ones. Online criminals are increasingly targeting those who hold

Read more

Unfortunately, the Covid pandemic and working from home is also a good time for attackers to release their malware and phishing nets. The most recent threat we covered was the returning of the Emotet banking

Read more

Phishing campaigns work by impersonating some well-known organization or brand, and that certainly includes a company like Microsoft. With products like Windows, Office, Outlook, and OneDrive prevalent among consumers and businesses, Microsoft

Read more

A recently uncovered phishing campaign is using spoofed Zoom account alerts to steal Microsoft Office 365 credentials, according to a report from security firm Abnormal Security. Read more on BankInfoSecurity.

Read more

The first few months of 2020 have radically reshaped the way we work and how the world gets things done. While the wide use of robotaxis or self-driving freight trucks isn’t yet in place, the

Read more

According to researchers at Abnormal Security, Microsoft Office 365 users in corporate environments are the focus of the operation. In a blog post, victims are told that Zoom accounts have been suspended. Read

Read more

Microsoft Office 365 users are targeted by a new phishing campaign using fake Zoom notifications to warn those who work in corporate environments that their Zoom accounts have been suspended, with the

Read more

Security researchers are warning of a new phishing campaign that uses malicious emails from legitimate SurveyMonkey domains in a bid to bypass security filters. The phishing emails in question are sent from

Read more

Phishing campaigns are a favored tactic among many cybercriminals because they’re relatively easy to set up and deploy. Because the phishing emails typically impersonate a well-known company or brand, they stand a

Read more

Artificial intelligence is beginning to be usefully deployed in almost every industry from customer call centers and finance to drug research. Yet the field is also plagued by relentless hype, opaque jargon

Read more

There has been a 200 percent increase in BEC attacks focused on invoice or payment fraud from April to May 2020, according to Abnormal Security. This sharp rise continues the trend. Read

Read more

Abnormal Security found a 75% increase in this type of campaign in the first three months of the year and a spike of 200% from April to May. Read more at TechRepublic.

Read more

Researchers at Abnormal Security discovered the Wells Fargo phishing campaign customers earlier this month. To date, the campaign has targeted over 15,000 customers using .ics calendar file attachments designed to direct them

Read more

Wells Fargo customers targeted in phishing campaign. Customers of Wells Fargo & Co. are being targeted by a phishing campaign that sends calendar invitations to customers, leading to a fake website that

Read more

Between the second and third weeks of March 2020, email scams and phishing attacks spiked by an unprecedented 436%. Such was the effect of the COVID-19 pandemic. Meanwhile, business email compromise (BEC)

Read more

Employees of large corporations are being targeted with phishing emails that impersonate the Wells Fargo security team and use innocent-looking calendar invitations as clickbait. Read more at American Banker.

Read more

Abnormal Security researchers are investigating a much larger campaign aimed at Wells Fargo customers. The fraudsters are imitating the bank’s security team and alerting victims with a fake message that if they

Read more

Researchers at Abnormal Security describe an ongoing phishing campaign in which the criminals misrepresent themselves as Wells Fargo’s security, attempting to induce victims to give up such sensitive banking information as their

Read more

Customers and employees of Wells Fargo are being warned of an email scam that pretends to come from the financial institution’s security team. According to security company Abnormal Security, the message says

Read more

The cybersecurity firm Abnormal Security recently uncovered how malicious players built an Office 365 phishing site targeting remote workers that use the platform. Today, the company exposes a similar attack that exploits

Read more

Wells Fargo customers are being targeted by a phishing campaign impersonating the Wells Fargo Security Team and luring potential victims to phishing pages with the help of calendar invites. Read more at

Read more

COVID-related attacks increased 436% between the second and third weeks of March 2020, with an average 173% week-over-week increase during the quarter, according to Abnormal Security. Read more at Help Net Security.

Read more

In yet another sign that cybercriminals are keen to exploit the current world situation, in the second and third weeks of March business email compromise (BEC) attacks increased more than 430 percent

Read more

The number of Business Email Compromise (BEC) attacks being leveled at C-Suite executives has declined as threat actors focus on a new target. According to new research published today by Abnormal Security,

Read more

For its “Abnormal Quarterly BEC Report Q1 2020 report,” Abnormal Security found that BEC attacks have become more sophisticated. Attackers are taking time to plan their campaigns and have been moving their

Read more

New research shows attackers are targeting and establishing relationships with accounts payable departments. Read more at Dark Reading.

Read more

Cyber crooks are trying to steal passwords for small-business Microsoft accounts in the U.K. by sending phony emails promising government relief funds for businesses shut down by the coronavirus.  Read more at

Read more

Business owners with Microsoft Office 365 accounts are targeted in a phishing campaign that uses bait emails designed to look like legitimate Small Business Grants Fund (SGF) relief payment messages from the

Read more

Office 365 customers are being targeted by a phishing campaign that uses fake VPN update messages to steal login details. Read more at TechRadar Pro.

Read more

Criminals are taking advantage of the increasing use of virtual private network software by people working at home to spread malware. A VPN may be required by employers for safely logging into

Read more

Restrictions around the world have meant that much of the global workforce has had adapt to remote working and all the online and cloud-based solutions that come with that. This means becoming

Read more

Hackers sent remote workers malicious email links to fraudulently capture their user credentials, according to an Abnormal Security report. Read more at Windows Report.

Read more

Fraudsters are using fake VPN update alerts to target remote workers in an effort to steal their Microsoft Office 365 credentials, according to the security firm Abnormal Security. Read more at BankInfoSecurity.

Read more

Business email compromise (BEC) attacks represent a small percentage of email attacks, but disproportionately represent the greatest financial risk. Read more from Abnormal Security CEO Evan Reiser in Threatpost.

Read more

Phishers are impersonating companies’ IT support team and sending fake VPN configuration change notifications in the hopes that remote employees may be tricked into providing their Office 365 login credentials. Read more

Read more

As the pandemic has triggered a huge shift toward remote working, so, too, have criminals been trying to target business employees working at home. In a blog post published Wednesday, Abnormal Security

Read more

Microsoft Office 365 customers are targeted by a phishing campaign using bait messages camouflaged as notifications sent by their organization to update the VPN configuration they use to access company assets while

Read more

Spurred on by the coronavirus pandemic, cybercriminals have been busy launching phishing attacks that impersonate organizations and other items associated with the virus. One group that’s been exploited in many of these

Read more

As more people are working remotely due to the coronavirus, cloud services have seen a surge in demand. But as this trend has unfolded, cybercriminals have found a ripe target to exploit.

Read more

When looking at all the different ways that hackers can threaten networks and enterprises, flashy incidents like ransomware scams often come to mind. But a relatively new kind of attack called business

Read more

Abnormal Security, a leader in protecting large enterprises from Business Email Compromise (BEC) attacks, introduced VendorBase, a global, federated database that tracks the reputations of an organization’s vendors and customers, and improves

Read more

Abnormal Security reports that an ongoing phishing campaign is targeting LogMeIn customers. They’re using a bogus security update as the phishbait to lure victims to a malicious site that impersonates a log-in

Read more

Earlier this month, researchers at Abnormal Security uncovered a phishing campaign that spoofed Teams notifications to harvest Office 365 credentials from employees working from home offices due to COVID-19 pandemic. Read more

Read more

LogMeIn users are being targeted with fake security update requests, which lead to a spoofed phishing page. Read more at Help Net Security.

Read more

Add LogMeIn to the list of remote services and collaboration platforms whose users are being targeted by phishing scammers seeking to take advantage of businesses’ current work-from-home policies under COVID-19. Read more

Read more

A new phishing scam involving fake emails claiming to be from the Vienna, Va.-based Navy Federal Credit Union ($125 billion in assets, 9.1 million members) is targeting victims to steal their credentials,

Read more

Abnormal Security has launched VendorBase, a global, federated database that tracks the reputations of an organization’s vendors and customers, and improves detection accuracy of advanced social engineering attacks, the company says. Read

Read more

Phishing campaigns try to trick people by spoofing well-known companies, brands, and products. Such campaigns often strive to reference items in the news to catch the attention of those concerned about current

Read more

VendorBase from Abnormal Security enhances supply chain security and prevents business email compromise (BEC) attacks by evaluating vendors across several criteria and detecting advanced social engineering attacks on enterprises. Read more at

Read more

Email compromise via spoofed domains or compromised accounts is a major problem. But a new cloud platform from Abnormal Security tracks the reputations of an organization’s vendors and customers, and improves detection

Read more

A phishing campaign using a fake Zoom notification is targeting employees in an effort to steal Office 365 credentials, looking to trick people into entering their user names and passwords into a

Read more

A new phishing campaign spotted by Abormal Security takes advantage of the popularity of Zoom to try to capture account credentials of unsuspecting users. Read more at TechRepublic.

Read more

Cyber-thieves are impersonating videoconferencing platform Zoom to steal victims’ Microsoft credentials. New research published today by Abnormal Security revealed that Zoom users are being targeted with fake notification emails that contain malicious

Read more

With so many people working from home, it should come as no surprise that WebEx accounts have become a target for phishing. A stolen account would let an attacker potentially spy on

Read more

A new phishing campaign analyzed by Abnormal Security shows how cybercriminals are exploiting DocuSign, the coronavirus, and the transition to remote working to try to capture account credentials. In a blog post

Read more

DocuSign users on Office 365 are the target of a new phishing campaign that features COVID-19 as a lure to convince them to offer up their credentials in return for pandemic information.

Read more

Social engineering is one of the most common approaches taken by cybercriminals in order to steal data or get users to install malware. But a new generation of payload-less attacks is now

Read more

There is no denying that the video-conferencing tool Zoom has become an essential part of our professional and social lives. Due to social distancing matters, most of us are now relying on

Read more

Zoom and Microsoft Teams have become lucrative targets for cybercriminals. Not only are stolen Zoom credentials being sold on the dark web, hackers are using fake Zoom installer software to spread malware

Read more

Cybercriminals have launched a new series of phishing attacks which attempt to steal the account credentials of Cisco Webex users by utilizing fake certificate error warnings. Read more at TechRadar Pro.

Read more

Reports from a company called Abnormal Security say hackers are also trying to squirm into Cisco Webex and Microsoft Teams video meetings. They’re sending out emails impersonating automated messages from both services,

Read more

As the use of collaborative platforms continues to tick up as people work from home during the Covid-19 pandemic, hackers are sending fake email notifications that appear to come from Microsoft Teams

Read more

Remote workers are being urged to take extra care following the reveal of a new security scam affecting Microsoft Teams. Users of the popular video conferencing service are being targeted by a

Read more

Security researcher have found that hackers are impersonating a notification from Microsoft Teams to steal the credentials of employees. According to a blog post by Abnormal Security, cybercriminals have crafted convincing emails

Read more

A new phishing attack uses cloned Microsoft imagery to trick people into giving away their Office 365 login details. Read more at Windows Central.

Read more

According to security researchers at Abnormal Security, Microsoft Teams has been hit by two separate attacks targeting as many as 50,000 users. The campaigns reportedly aim to phish Office 365 logins. Read

Read more

A recently uncovered phishing campaign is spoofing notifications from Microsoft’s Teams collaboration platform in order to harvest Office 365 credentials from employees working from home offices because of the COVID-19 pandemic, according

Read more

Although the likes of Telegram, the secure messenger service with 400 million users, has confirmed it is moving into the video chat space, the most immediate threat to the dominance of Zoom

Read more

Employees belonging to organizations in industries such as energy, retail, and hospitality have been recipients, Abnormal Security says. Read more at Dark Reading.

Read more

Attackers are exploiting the surge in the use of Microsoft Teams in an attempt to trap unsuspecting users, says Abnormal Security. Read more at TechRepublic.

Read more

A highly convincing phishing campaign is using cloned imagery from automated Microsoft Teams notifications in attacks that attempt to harvest Office 365 credentials. Read more at Bleeping Computer.

Read more

A convincing cyberattack that impersonates notifications from Microsoft Teams in order to steal the Office 365 credentials of employees is making the rounds, according to researchers. Two separate attacks have targeted as

Read more

According to software company Abnormal Security, hackers are taking advantage of the fact that “students and staff are likely highly attuned to any news about a university’s response to the outbreak, and

Read more

A phishing attack uncovered by Abnormal Security, targeted users with bogus e-mails in a bid to steal their Office 365 credentials, by redirecting unsuspecting victims to a fake Office 365 login page.

Read more

A cruel new phishing scam arrives in your email inbox reminding you of an “emergency” company Zoom meeting that’s due to start in only a few minutes. Why should you join in?

Read more

Researchers have discovered two new phishing campaigns targeting user credentials for both Skype and Zoom, amid the spike in remote work tied to the COVID-19 pandemic. Read more in HealthITSecurity.

Read more

Some fraudsters have pivoted from using the COVID-19 pandemic as a phishing lure to creating messages and malicious domains designed to capitalize on various U.S. economic stimulus programs. Read more at BankInfoSecurity.

Read more

Abnormal Security, the platform that protects large enterprises from the most sophisticated, targeted email attacks, announced the appointment of Kevin Moore as Chief Revenue Officer. Read more at Help Net Security.

Read more

Email security firm Abnormal Security has appointed Kevin Moore as chief revenue officer. Moore will be responsible for scaling up Abnormal Security’s worldwide sales team and helping the firm achieve its growth

Read more

Abnormal Security uncovered a business email compromise attack based around the Paycheck Protection Program. Read more at Politico.

Read more

The shift to remote work amidst the ongoing COVID-19 pandemic and the increased demand for video conferencing services have become a lucrative tactic for attackers to steal credentials and distribute malware. Read

Read more

As the researchers at Abnormal Security describe, computer users are being targeted with phishing emails that have adopted just that disguise. Read more at Graham Cluley.

Read more

Zoom may have fixed many of its own security issues, but it’ll never be immune to hackers trying to trick the company’s users. Malicious actors are now targeting users with fake Zoom

Read more

Although the popularity of zoom has skyrocketed amid the Coronavirus pandemic, its users are increasingly falling prey to the cyber criminals. According to the latest research by Abnormal Security, cyber criminals are

Read more

Zoom users are targeted by a new phishing campaign that uses fake Zoom meeting notifications to threaten those who work in corporate environments that their contracts will either be suspended or terminated.

Read more

In a new phishing campaign discovered by Abnormal Security, attackers are sending out emails that pretend to be from a CARES act representative who needs a signature on a “PPP_CARES_SignaturePG1-2” document for

Read more

A new Zoom phishing campaign preys on people’s fears related to job security, tricking them into revealing credentials that criminals can abuse in a variety of ways. Read more at Security Boulevard.

Read more

Two new phishing campaigns that aim to obtain Zoom and WebEx credentials have emerged, capitalizing on fears of layoffs and payroll changes. The phishing emails deliver fake information with “Zoom meeting about

Read more

API-Based Integration with Microsoft Teams and Okta Multi-Factor Authentication Extends Security Coverage Beyond Email to Provide End-to-End Channel Protection. Read more at Dark Reading.

Read more

Abnormal Security has launched Microsoft Teams protection and integration with Okta to extend email security coverage and protect remote workforces from social engineering attacks, the company says. Read more at MSSP Alert.

Read more

Two new phishing campaigns discovered by Abnormal Security are trying to exploit employees (at the moment very rational) fears by delivering fake “Zoom meeting about termination” emails and fake notifications about COVID-19

Read more

The fraudsters’ mission is to lure recipients with financial relief options. The phishing expedition, as explained by AbnormalSecurity.com, requests the recipient’s signature for PPP documents. Clicking on the link directs users to

Read more

The need to protect remote working is exercising many organizations at the moment. Abnormal Security is launching a new Microsoft Teams Protection product to help guard the platform against social engineering attacks.

Read more

Security firm Abnormal Security discovered a phishing email giving a single day for the recipient to respond and claim an outstanding tax rebate from HMRC (the UK tax authority) for ‘550.11 GBP’.  Read

Read more

Abnormal Security researchers uncovered a phishing campaign, designed to steal Zoom credentials, that attempts to trick email recipients into thinking they are about to be laid off amid the pandemic. Read more

Read more

A newly discovered phishing scam attempts to hook Brits with the promise of a tax refund from Her Majesty’s Revenue and Customs. Research from Abnormal Security details a sophisticated fraud fest in

Read more

The pandemic has driven more of our personal and work lives online – and for the bad guys, business is booming. Here’s how you can protect yourself. Abnormal Security’s Ken Liao comments

Read more

Business Insider asked the experts — venture capitalists — about the startups in their portfolios that are still on track for success in today’s conditions and that they think have bright futures

Read more

Abnormal Security CEO Evan Reiser was interviewed by ABC11 News in North Carolina about scammers using the promise of a stimulus check to steal information from its victims. See the full story

Read more

Abnormal Security recently explained the scams in greater detail in a blog post, writing that cybercriminals are “impersonating a major financial institution claiming to have received the recipient’s stimulus check, but needing the

Read more

The latest evidence of this is a new report, authored by Abnormal Security, which details a scheme to impersonate a major financial institution that supposedly is holding economic stimulus funds for its customers.

Read more

Researchers at Abnormal Security have detected an attack in which scammers impersonating a major financial institution are asking victims to verify their financial details before their stimulus funds can be released. Read the full

Read more

There have been several cases where students have received emails that seemingly came from university officials and claimed to provide updates about the coronavirus lockdown. The emails prompted users to click on

Read more

COVID-19 is a rapidly spreading virus that is causing a fundamental shift in how business is conducted in every industry from retail, financial services, healthcare and more. Malicious attacks are rising during

Read more

COVID-19-themed scams are exploding both online and offline. Hijacked Twitter accounts peddling fake cures, scammy sites offering emergency supplies, misinformation campaigns, phishing emails and – can you believe it? – even a

Read more

The WHO said cyberattacks have more than doubled in recent months as malicious hackers attempt to pose as the organisation. Read the full article in Silicon Republic here.

Read more

As the world comes to grips with the coronavirus pandemic, the situation has proven to be a blessing in disguise for threat actors, who’ve taken advantage of the opportunity to target victims

Read more

With everyone hunkered down, working from home, taking online classes or just killing the time browsing the web, cyber attacks are exploiting the public’s fears about the coronavirus and using email phishing

Read more

While many across the U.S. and Bay Area are sheltering-in-place, cybercriminals are striking. Cybersecurity experts say online scammers are on the offensive, targeting vulnerable Internet users. Another phishing attack, uncovered by Abnormal

Read more

A new phishing email campaign targeting college students and staff to capture log-in credential and infect computers with malware is taking advantage the coronavirus pandemic to appear more legitimate to its targets.

Read more

New research from the San Francisco email security firm Abnormal Security has found that students as well as businesses are being targeted. A new phishing campaign is sending emails that appear to

Read more

Hackers and cybercriminals have been leveraging the hype and fear connected with the growing COVID-19 pandemic as a tool to steal passwords and data. Discovered by San Francisco-based Abnormal Security, one attack uses

Read more

The Abnormal Cloud Email Security Platform stops targeted phishing, business email compromise and account takeover attacks using a uniqu combination of data science and behavior modeling. Read more at Enterprise Security Tech

Read more

The RSA Conference 2020 Early Stage Expo is an innovation space dedicated to promoting emerging talent in the industry. Here are some of the most exciting companies exhibiting innovative products and solutions, which you

Read more

Founded in 2018, Abnormal Security protects companies from targeted email attacks that were previously undetectable. Read more at Crunchbase here.

Read more

“According to the FBI, business email compromise is the No. 1 cyber crime for enterprises,” says Motamedi. “Unlike other enterprise solutions, their technology models the identity of users, graphs their relationships and

Read more

Ever received a terse email from a suspicious account asking for wire transfers and potentially compromising information? Abnormal Security fights back against these scammers with data science tools, listening for signals and behaviors associated

Read more

But in a chicken-and-egg kind of way, one of the results of the decline in public exits is that fewer startup founders seem to aspire to build great companies…Evan Reiser [CEO of

Read more

Abnormal Security was founded in 2018, and in November closed a $24 million Series A funding round led by Greylock Partners to better protect enterprises from unknown or targeted email attacks through

Read more

A cybersecurity startup launched a new platform Tuesday designed to thwart sophisticated scams by identifying abnormal emailing behaviors. Aptly named Abnormal Security, the San Francisco startup aims to use behavior modeling and

Read more

In spring of 2017, Asheem Chandna was sitting in a meeting at the Silicon Valley offices of Greylock Partners, the venture capital firm where he works as an investor, when he learned

Read more

Garages have a special place in Silicon Valley lore. The biggest behemoths, from Apple to Google to Amazon, reportedly started from those humble beginnings. The garage even earned itself several references in

Read more

We are excited to announce that Greylock led a $24M Series A investment in Abnormal Security, a company initiated and incubated in 2018 at Greylock offices. Founded by Evan Reiser and Sanjay

Read more