Product FAQ: Scope of Attacks - Abnormal Security
Product FAQs  Scope of Attacks

Product FAQ: Scope of Attacks

Email Attack Types

Abnormal Security automatically and catches the following types of email attacks. The Attack Type Groups are described below along with their constituent Attack Types:

Attack Type Group

Internal-to-Internal Attacks (Email Account Takeover)

Description

Attacker compromises one employee’s account and delivers fake invoices, credential phishing, and other malicious content to another employee.

External-to-Internal Attacks (External Email Account Compromise)

Attacker compromises an external vendor’s account and delivers fake invoices, credential phishing, and other malicious content to an employee.

Spam

Untargeted and unsolicited communications.

Graymail

Unwanted email from legitimate sources that are often for marketing or promotion purposes.

Scam

Advanced fee fraud and similar scams.

Social Engineering (BEC)

The attacker impersonates an employee to establish rapport with the victim and convince them to engage in actions such as changing direct deposit information, paying a fake invoice, buying gift cards, or performing another task.

Phishing: Credential

The attacker tricks employees into giving away their credentials to unauthorized parties.

Invoice / Payment Fraud (BEC)

Attacker impersonates a vendor, partner, or well-known brand and asks the recipient for fake invoices/ payments. Also known as External-to-Internal / External Invoice / Payment Fraud, Fraudulent Account Update, Internal Invoice / Payment Fraud

Malware

The attacker attempts to deliver a malicious payload.

Extortion

The attacker requests a ransom in exchange for avoiding violence, humiliation, or other adverse consequences.

Phishing: Sensitive Data

The attacker attempts to steal data such as account numbers, personal information, SSN, Intellectual Property documents.

Reconnaissance

Unusual characters/Lack of subject or message content: Common signal of when attackers attempt to verify the deliverable recipient email address in order to follow up with future phishing messages.

Other

Non-categorized attacks.

Each email attack shown in the Portal’s Threat Log is associated with an attack type, automatically computed by Abnormal Security. Customers can filter by attack type to look for a particular group of attacks using the ‘Filter’ option in Threat Log.

Want to learn more?

Schedule a personalized product demo to see:

  • Threat analytics, insights and reporting
  • Automated Triage, Investigation and response tools
  • Platform integrations into SIEM, SOAR
  • …and more
Automated Triage, Investigation and response tools

Want to learn more?

Schedule a personalized product demo to see:

  • Threat analytics, insights and reporting
  • Automated Triage, Investigation and response tools
  • Platform integrations into SIEM, SOAR
  • …and more