Evan Reiser and Sanjay Jeyakumar do not come from cybersecurity backgrounds. The pair linked up at TellApart, the advertising technology startup that was sold to Twitter for $479 million in the social
Scammers have tried to rip off computer equipment suppliers with a targeted email that impersonated the Commissioner of the Texas Department of State Health Services (DSHS). Read more in Bleeping Computer.
Cyber-criminals have tried to receive free goods by posing as the Texas government and emailing out Requests for Quotes (RFQs). The multi-layered email attack, in which threat actors pretended to be from the
Cloud-based cybersecurity startups have hurdled old industry obstacles like subway turnstile-hoppers. Perhaps none are on a faster express train than a 2-year-old company named Abnormal Security. Read more in Business Insider.
If you believed 2018 was the summer of scam, think again. As the U.S. has struggled to control the coronavirus outbreak over the past six months of 2020, it’s also been flooded with financial scams.
Abnormal Security announced a global strategic alliance with Microsoft to deliver comprehensive security solutions to enterprises. Customers can now purchase Abnormal’s security offering directly from Microsoft’s Azure Marketplace. Read more in Help Net Security.
Microsoft on Monday announced a partnership with Abnormal Security Corp., under which the San Francisco-based email-security startup will move its software onto the tech giant’s Azure cloud. Read more in Wall Street
Election security is an ever-increasing concern of cybersecurity and government officials. It used to be that voting infrastructure and database security was at the core of the conversation. But since the rise
Cyber-criminals have been impersonating the well-known Bitcoin BTC ERA trading platform in order to infect users of the online currency with malware, according to new research from Abnormal Security. Read more on
In a case that highlights how anybody — truly, anybody — can be a victim of invoice fraud, federal officials have reportedly charged two brothers in New York State for an alleged $19 million
Brand impersonation is a go-to tactic for attackers, especially for credential phishing and BEC attacks COVID-19-themed email attacks, an increase in BEC attack volume and acceleration of payment and invoice fraud, according
The pandemic may be worsening the situation. Payment and invoice fraud attacks increased 112% in the second quarter of the year, during the coronavirus’s wildfire spread, compared with the first quarter, according
Multifactor authentication (MFA) is widely regarded as a strong measure for protecting against account takeover attacks. But as with almost any security control, adversaries have devised several ways to bypass it. Read
Entities should be on the alert for an increase in two business email compromise campaigns. One report found an increase in BEC phishing campaigns targeting the Microsoft Office 365 accounts of executives, while the other
An uptick in business email compromise attacks is being attributed to successful compromises of multi-factor authentication (MFA) and conditional access controls, according to researchers. While brute-forcing and password spraying techniques are the
Researchers at Abnormal Security have detected an increase in business email compromise attacks that successfully compromise email accounts despite the use of multi-factor authentication (MFA) and Conditional Access. Read more on BetaNews.
A phishing lure disguised as a legitimate inquiry by a recruiter for a new job opportunity inserts a malicious template into an attached Word document, which then gathers intelligence on the target,
Employees using Microsoft Office 365 are targeted in a phishing campaign that makes use of bait messages camouflaged as automated SharePoint notifications to steal their accounts. The phishing emails delivered as part
Receiving an email request from a co-worker to pay an invoice happens every minute, of every hour, of every day. So do fraudulent ones. Online criminals are increasingly targeting those who hold
Unfortunately, the Covid pandemic and working from home is also a good time for attackers to release their malware and phishing nets. The most recent threat we covered was the returning of the Emotet banking
Phishing campaigns work by impersonating some well-known organization or brand, and that certainly includes a company like Microsoft. With products like Windows, Office, Outlook, and OneDrive prevalent among consumers and businesses, Microsoft
A recently uncovered phishing campaign is using spoofed Zoom account alerts to steal Microsoft Office 365 credentials, according to a report from security firm Abnormal Security. Read more on BankInfoSecurity.
The first few months of 2020 have radically reshaped the way we work and how the world gets things done. While the wide use of robotaxis or self-driving freight trucks isn’t yet in place, the
According to researchers at Abnormal Security, Microsoft Office 365 users in corporate environments are the focus of the operation. In a blog post, victims are told that Zoom accounts have been suspended. Read
Microsoft Office 365 users are targeted by a new phishing campaign using fake Zoom notifications to warn those who work in corporate environments that their Zoom accounts have been suspended, with the
Security researchers are warning of a new phishing campaign that uses malicious emails from legitimate SurveyMonkey domains in a bid to bypass security filters. The phishing emails in question are sent from
Phishing campaigns are a favored tactic among many cybercriminals because they’re relatively easy to set up and deploy. Because the phishing emails typically impersonate a well-known company or brand, they stand a
Artificial intelligence is beginning to be usefully deployed in almost every industry from customer call centers and finance to drug research. Yet the field is also plagued by relentless hype, opaque jargon
There has been a 200 percent increase in BEC attacks focused on invoice or payment fraud from April to May 2020, according to Abnormal Security. This sharp rise continues the trend. Read
Abnormal Security found a 75% increase in this type of campaign in the first three months of the year and a spike of 200% from April to May. Read more at TechRepublic.
Researchers at Abnormal Security discovered the Wells Fargo phishing campaign customers earlier this month. To date, the campaign has targeted over 15,000 customers using .ics calendar file attachments designed to direct them
Wells Fargo customers targeted in phishing campaign. Customers of Wells Fargo & Co. are being targeted by a phishing campaign that sends calendar invitations to customers, leading to a fake website that
Between the second and third weeks of March 2020, email scams and phishing attacks spiked by an unprecedented 436%. Such was the effect of the COVID-19 pandemic. Meanwhile, business email compromise (BEC)
Employees of large corporations are being targeted with phishing emails that impersonate the Wells Fargo security team and use innocent-looking calendar invitations as clickbait. Read more at American Banker.
Abnormal Security researchers are investigating a much larger campaign aimed at Wells Fargo customers. The fraudsters are imitating the bank’s security team and alerting victims with a fake message that if they
Researchers at Abnormal Security describe an ongoing phishing campaign in which the criminals misrepresent themselves as Wells Fargo’s security, attempting to induce victims to give up such sensitive banking information as their
Customers and employees of Wells Fargo are being warned of an email scam that pretends to come from the financial institution’s security team. According to security company Abnormal Security, the message says
The cybersecurity firm Abnormal Security recently uncovered how malicious players built an Office 365 phishing site targeting remote workers that use the platform. Today, the company exposes a similar attack that exploits
Wells Fargo customers are being targeted by a phishing campaign impersonating the Wells Fargo Security Team and luring potential victims to phishing pages with the help of calendar invites. Read more at
COVID-related attacks increased 436% between the second and third weeks of March 2020, with an average 173% week-over-week increase during the quarter, according to Abnormal Security. Read more at Help Net Security.
In yet another sign that cybercriminals are keen to exploit the current world situation, in the second and third weeks of March business email compromise (BEC) attacks increased more than 430 percent
The number of Business Email Compromise (BEC) attacks being leveled at C-Suite executives has declined as threat actors focus on a new target. According to new research published today by Abnormal Security,
For its “Abnormal Quarterly BEC Report Q1 2020 report,” Abnormal Security found that BEC attacks have become more sophisticated. Attackers are taking time to plan their campaigns and have been moving their
New research shows attackers are targeting and establishing relationships with accounts payable departments. Read more at Dark Reading.
Cyber crooks are trying to steal passwords for small-business Microsoft accounts in the U.K. by sending phony emails promising government relief funds for businesses shut down by the coronavirus. Read more at
Business owners with Microsoft Office 365 accounts are targeted in a phishing campaign that uses bait emails designed to look like legitimate Small Business Grants Fund (SGF) relief payment messages from the
Office 365 customers are being targeted by a phishing campaign that uses fake VPN update messages to steal login details. Read more at TechRadar Pro.
Criminals are taking advantage of the increasing use of virtual private network software by people working at home to spread malware. A VPN may be required by employers for safely logging into
Restrictions around the world have meant that much of the global workforce has had adapt to remote working and all the online and cloud-based solutions that come with that. This means becoming
Hackers sent remote workers malicious email links to fraudulently capture their user credentials, according to an Abnormal Security report. Read more at Windows Report.
Fraudsters are using fake VPN update alerts to target remote workers in an effort to steal their Microsoft Office 365 credentials, according to the security firm Abnormal Security. Read more at BankInfoSecurity.
Business email compromise (BEC) attacks represent a small percentage of email attacks, but disproportionately represent the greatest financial risk. Read more from Abnormal Security CEO Evan Reiser in Threatpost.
Phishers are impersonating companies’ IT support team and sending fake VPN configuration change notifications in the hopes that remote employees may be tricked into providing their Office 365 login credentials. Read more
As the pandemic has triggered a huge shift toward remote working, so, too, have criminals been trying to target business employees working at home. In a blog post published Wednesday, Abnormal Security
Microsoft Office 365 customers are targeted by a phishing campaign using bait messages camouflaged as notifications sent by their organization to update the VPN configuration they use to access company assets while
Spurred on by the coronavirus pandemic, cybercriminals have been busy launching phishing attacks that impersonate organizations and other items associated with the virus. One group that’s been exploited in many of these
As more people are working remotely due to the coronavirus, cloud services have seen a surge in demand. But as this trend has unfolded, cybercriminals have found a ripe target to exploit.
When looking at all the different ways that hackers can threaten networks and enterprises, flashy incidents like ransomware scams often come to mind. But a relatively new kind of attack called business
Abnormal Security, a leader in protecting large enterprises from Business Email Compromise (BEC) attacks, introduced VendorBase, a global, federated database that tracks the reputations of an organization’s vendors and customers, and improves
Abnormal Security reports that an ongoing phishing campaign is targeting LogMeIn customers. They’re using a bogus security update as the phishbait to lure victims to a malicious site that impersonates a log-in
Earlier this month, researchers at Abnormal Security uncovered a phishing campaign that spoofed Teams notifications to harvest Office 365 credentials from employees working from home offices due to COVID-19 pandemic. Read more
LogMeIn users are being targeted with fake security update requests, which lead to a spoofed phishing page. Read more at Help Net Security.
Add LogMeIn to the list of remote services and collaboration platforms whose users are being targeted by phishing scammers seeking to take advantage of businesses’ current work-from-home policies under COVID-19. Read more
A new phishing scam involving fake emails claiming to be from the Vienna, Va.-based Navy Federal Credit Union ($125 billion in assets, 9.1 million members) is targeting victims to steal their credentials,
Abnormal Security has launched VendorBase, a global, federated database that tracks the reputations of an organization’s vendors and customers, and improves detection accuracy of advanced social engineering attacks, the company says. Read
Phishing campaigns try to trick people by spoofing well-known companies, brands, and products. Such campaigns often strive to reference items in the news to catch the attention of those concerned about current
VendorBase from Abnormal Security enhances supply chain security and prevents business email compromise (BEC) attacks by evaluating vendors across several criteria and detecting advanced social engineering attacks on enterprises. Read more at
Email compromise via spoofed domains or compromised accounts is a major problem. But a new cloud platform from Abnormal Security tracks the reputations of an organization’s vendors and customers, and improves detection
A phishing campaign using a fake Zoom notification is targeting employees in an effort to steal Office 365 credentials, looking to trick people into entering their user names and passwords into a
A new phishing campaign spotted by Abormal Security takes advantage of the popularity of Zoom to try to capture account credentials of unsuspecting users. Read more at TechRepublic.
Cyber-thieves are impersonating videoconferencing platform Zoom to steal victims’ Microsoft credentials. New research published today by Abnormal Security revealed that Zoom users are being targeted with fake notification emails that contain malicious
With so many people working from home, it should come as no surprise that WebEx accounts have become a target for phishing. A stolen account would let an attacker potentially spy on
A new phishing campaign analyzed by Abnormal Security shows how cybercriminals are exploiting DocuSign, the coronavirus, and the transition to remote working to try to capture account credentials. In a blog post
DocuSign users on Office 365 are the target of a new phishing campaign that features COVID-19 as a lure to convince them to offer up their credentials in return for pandemic information.
Social engineering is one of the most common approaches taken by cybercriminals in order to steal data or get users to install malware. But a new generation of payload-less attacks is now
There is no denying that the video-conferencing tool Zoom has become an essential part of our professional and social lives. Due to social distancing matters, most of us are now relying on
Zoom and Microsoft Teams have become lucrative targets for cybercriminals. Not only are stolen Zoom credentials being sold on the dark web, hackers are using fake Zoom installer software to spread malware
Cybercriminals have launched a new series of phishing attacks which attempt to steal the account credentials of Cisco Webex users by utilizing fake certificate error warnings. Read more at TechRadar Pro.
Reports from a company called Abnormal Security say hackers are also trying to squirm into Cisco Webex and Microsoft Teams video meetings. They’re sending out emails impersonating automated messages from both services,
As the use of collaborative platforms continues to tick up as people work from home during the Covid-19 pandemic, hackers are sending fake email notifications that appear to come from Microsoft Teams
Remote workers are being urged to take extra care following the reveal of a new security scam affecting Microsoft Teams. Users of the popular video conferencing service are being targeted by a
Security researcher have found that hackers are impersonating a notification from Microsoft Teams to steal the credentials of employees. According to a blog post by Abnormal Security, cybercriminals have crafted convincing emails
A new phishing attack uses cloned Microsoft imagery to trick people into giving away their Office 365 login details. Read more at Windows Central.
According to security researchers at Abnormal Security, Microsoft Teams has been hit by two separate attacks targeting as many as 50,000 users. The campaigns reportedly aim to phish Office 365 logins. Read
A recently uncovered phishing campaign is spoofing notifications from Microsoft’s Teams collaboration platform in order to harvest Office 365 credentials from employees working from home offices because of the COVID-19 pandemic, according
Although the likes of Telegram, the secure messenger service with 400 million users, has confirmed it is moving into the video chat space, the most immediate threat to the dominance of Zoom
Employees belonging to organizations in industries such as energy, retail, and hospitality have been recipients, Abnormal Security says. Read more at Dark Reading.
Attackers are exploiting the surge in the use of Microsoft Teams in an attempt to trap unsuspecting users, says Abnormal Security. Read more at TechRepublic.
A highly convincing phishing campaign is using cloned imagery from automated Microsoft Teams notifications in attacks that attempt to harvest Office 365 credentials. Read more at Bleeping Computer.
A convincing cyberattack that impersonates notifications from Microsoft Teams in order to steal the Office 365 credentials of employees is making the rounds, according to researchers. Two separate attacks have targeted as
According to software company Abnormal Security, hackers are taking advantage of the fact that “students and staff are likely highly attuned to any news about a university’s response to the outbreak, and
A phishing attack uncovered by Abnormal Security, targeted users with bogus e-mails in a bid to steal their Office 365 credentials, by redirecting unsuspecting victims to a fake Office 365 login page.
A cruel new phishing scam arrives in your email inbox reminding you of an “emergency” company Zoom meeting that’s due to start in only a few minutes. Why should you join in?
Researchers have discovered two new phishing campaigns targeting user credentials for both Skype and Zoom, amid the spike in remote work tied to the COVID-19 pandemic. Read more in HealthITSecurity.
Some fraudsters have pivoted from using the COVID-19 pandemic as a phishing lure to creating messages and malicious domains designed to capitalize on various U.S. economic stimulus programs. Read more at BankInfoSecurity.
Abnormal Security, the platform that protects large enterprises from the most sophisticated, targeted email attacks, announced the appointment of Kevin Moore as Chief Revenue Officer. Read more at Help Net Security.
Email security firm Abnormal Security has appointed Kevin Moore as chief revenue officer. Moore will be responsible for scaling up Abnormal Security’s worldwide sales team and helping the firm achieve its growth
Abnormal Security uncovered a business email compromise attack based around the Paycheck Protection Program. Read more at Politico.
The shift to remote work amidst the ongoing COVID-19 pandemic and the increased demand for video conferencing services have become a lucrative tactic for attackers to steal credentials and distribute malware. Read
As the researchers at Abnormal Security describe, computer users are being targeted with phishing emails that have adopted just that disguise. Read more at Graham Cluley.
Zoom may have fixed many of its own security issues, but it’ll never be immune to hackers trying to trick the company’s users. Malicious actors are now targeting users with fake Zoom
Although the popularity of zoom has skyrocketed amid the Coronavirus pandemic, its users are increasingly falling prey to the cyber criminals. According to the latest research by Abnormal Security, cyber criminals are
Zoom users are targeted by a new phishing campaign that uses fake Zoom meeting notifications to threaten those who work in corporate environments that their contracts will either be suspended or terminated.
In a new phishing campaign discovered by Abnormal Security, attackers are sending out emails that pretend to be from a CARES act representative who needs a signature on a “PPP_CARES_SignaturePG1-2” document for
A new Zoom phishing campaign preys on people’s fears related to job security, tricking them into revealing credentials that criminals can abuse in a variety of ways. Read more at Security Boulevard.
Two new phishing campaigns that aim to obtain Zoom and WebEx credentials have emerged, capitalizing on fears of layoffs and payroll changes. The phishing emails deliver fake information with “Zoom meeting about
API-Based Integration with Microsoft Teams and Okta Multi-Factor Authentication Extends Security Coverage Beyond Email to Provide End-to-End Channel Protection. Read more at Dark Reading.
Abnormal Security has launched Microsoft Teams protection and integration with Okta to extend email security coverage and protect remote workforces from social engineering attacks, the company says. Read more at MSSP Alert.
Two new phishing campaigns discovered by Abnormal Security are trying to exploit employees (at the moment very rational) fears by delivering fake “Zoom meeting about termination” emails and fake notifications about COVID-19
The fraudsters’ mission is to lure recipients with financial relief options. The phishing expedition, as explained by AbnormalSecurity.com, requests the recipient’s signature for PPP documents. Clicking on the link directs users to
The need to protect remote working is exercising many organizations at the moment. Abnormal Security is launching a new Microsoft Teams Protection product to help guard the platform against social engineering attacks.
Security firm Abnormal Security discovered a phishing email giving a single day for the recipient to respond and claim an outstanding tax rebate from HMRC (the UK tax authority) for ‘550.11 GBP’. Read
Abnormal Security researchers uncovered a phishing campaign, designed to steal Zoom credentials, that attempts to trick email recipients into thinking they are about to be laid off amid the pandemic. Read more
A newly discovered phishing scam attempts to hook Brits with the promise of a tax refund from Her Majesty’s Revenue and Customs. Research from Abnormal Security details a sophisticated fraud fest in
The pandemic has driven more of our personal and work lives online – and for the bad guys, business is booming. Here’s how you can protect yourself. Abnormal Security’s Ken Liao comments
Business Insider asked the experts — venture capitalists — about the startups in their portfolios that are still on track for success in today’s conditions and that they think have bright futures
Abnormal Security CEO Evan Reiser was interviewed by ABC11 News in North Carolina about scammers using the promise of a stimulus check to steal information from its victims. See the full story
Abnormal Security recently explained the scams in greater detail in a blog post, writing that cybercriminals are “impersonating a major financial institution claiming to have received the recipient’s stimulus check, but needing the
The latest evidence of this is a new report, authored by Abnormal Security, which details a scheme to impersonate a major financial institution that supposedly is holding economic stimulus funds for its customers.
Researchers at Abnormal Security have detected an attack in which scammers impersonating a major financial institution are asking victims to verify their financial details before their stimulus funds can be released. Read the full
There have been several cases where students have received emails that seemingly came from university officials and claimed to provide updates about the coronavirus lockdown. The emails prompted users to click on
COVID-19 is a rapidly spreading virus that is causing a fundamental shift in how business is conducted in every industry from retail, financial services, healthcare and more. Malicious attacks are rising during
COVID-19-themed scams are exploding both online and offline. Hijacked Twitter accounts peddling fake cures, scammy sites offering emergency supplies, misinformation campaigns, phishing emails and – can you believe it? – even a
The WHO said cyberattacks have more than doubled in recent months as malicious hackers attempt to pose as the organisation. Read the full article in Silicon Republic here.
As the world comes to grips with the coronavirus pandemic, the situation has proven to be a blessing in disguise for threat actors, who’ve taken advantage of the opportunity to target victims
With everyone hunkered down, working from home, taking online classes or just killing the time browsing the web, cyber attacks are exploiting the public’s fears about the coronavirus and using email phishing
While many across the U.S. and Bay Area are sheltering-in-place, cybercriminals are striking. Cybersecurity experts say online scammers are on the offensive, targeting vulnerable Internet users. Another phishing attack, uncovered by Abnormal
A new phishing email campaign targeting college students and staff to capture log-in credential and infect computers with malware is taking advantage the coronavirus pandemic to appear more legitimate to its targets.
New research from the San Francisco email security firm Abnormal Security has found that students as well as businesses are being targeted. A new phishing campaign is sending emails that appear to
Hackers and cybercriminals have been leveraging the hype and fear connected with the growing COVID-19 pandemic as a tool to steal passwords and data. Discovered by San Francisco-based Abnormal Security, one attack uses
The Abnormal Cloud Email Security Platform stops targeted phishing, business email compromise and account takeover attacks using a uniqu combination of data science and behavior modeling. Read more at Enterprise Security Tech
The RSA Conference 2020 Early Stage Expo is an innovation space dedicated to promoting emerging talent in the industry. Here are some of the most exciting companies exhibiting innovative products and solutions, which you
Founded in 2018, Abnormal Security protects companies from targeted email attacks that were previously undetectable. Read more at Crunchbase here.
“According to the FBI, business email compromise is the No. 1 cyber crime for enterprises,” says Motamedi. “Unlike other enterprise solutions, their technology models the identity of users, graphs their relationships and
Ever received a terse email from a suspicious account asking for wire transfers and potentially compromising information? Abnormal Security fights back against these scammers with data science tools, listening for signals and behaviors associated
But in a chicken-and-egg kind of way, one of the results of the decline in public exits is that fewer startup founders seem to aspire to build great companies…Evan Reiser [CEO of
Abnormal Security was founded in 2018, and in November closed a $24 million Series A funding round led by Greylock Partners to better protect enterprises from unknown or targeted email attacks through
A cybersecurity startup launched a new platform Tuesday designed to thwart sophisticated scams by identifying abnormal emailing behaviors. Aptly named Abnormal Security, the San Francisco startup aims to use behavior modeling and
In spring of 2017, Asheem Chandna was sitting in a meeting at the Silicon Valley offices of Greylock Partners, the venture capital firm where he works as an investor, when he learned
Garages have a special place in Silicon Valley lore. The biggest behemoths, from Apple to Google to Amazon, reportedly started from those humble beginnings. The garage even earned itself several references in
We are excited to announce that Greylock led a $24M Series A investment in Abnormal Security, a company initiated and incubated in 2018 at Greylock offices. Founded by Evan Reiser and Sanjay