Inbound Email Security


Modern email attacks are circumventing traditional email security solutions with increasing sophistication, severity, and cost. Abnormal Inbound Email Security pairs advanced behavioral science with risk-adaptive detection to stop the full spectrum of malicious email, including business email compromise, supply chain fraud, ransomware, and spam.

With Abnormal, you can deploy in minutes via API—no configuration or policies required.

Get a Demo
IES Header Image 2

Email Attacks Have Increased in Sophistication and Severity




$120K average lost per business email compromise attack
Source: 2021 FBI IC3 Report




89% of companies see a supply chain compromise attack each week
Source: Abnormal Security Data


Difficult to Detect


308 days on average to identify and contain a breach
Source: 2022 Verizon DBIR



Secure Email Gateways Can't Stop Sophisticated Attacks


Sophisticated email attacks evade traditional email security solutions, leading to financial losses as well as loss of brand reputation and customer loyalty.



Abnormal Inbound Email Security


Abnormal stops the full spectrum of email-borne attacks with a fundamentally different approach than traditional email security solutions.

Abnormal’s AI-based anomaly detection engine baselines known-good behavior across employees and vendors by correlating email content with non-email related signifiers of identity and behavior.

Using these profiles, Abnormal learns the difference between known-good and abnormal user behavior. It remediates malicious emails in milliseconds and offers explainable attack insights with in-depth reviews of each attack.


How Abnormal Stops the Full Spectrum of Email Attacks


Detects Costly and Sophisticated Attacks That Others Miss


Unlike secure email gateways, Abnormal natively integrates with Microsoft 365 and Google Workspace to create a behavioral profile of your users, organization, and vendors.

Each message is analyzed using tens of thousands of signals across identity, behavior, and content to identify anomalies and detect malicious behavior—including never-before-seen attacks with no traditional indicators of compromise.

User Genome

Enhances Risk Awareness with Federated Knowledge Bases


Abnormal automatically creates searchable knowledge bases with detailed profiles of your organization’s employees, vendors, applications, and email tenants. The platform monitors each of these entities for indicators of risk and automatically adapts protection based on risk level.

Risk Image

Remediates Malicious Emails to Prevent End User Engagement


When Abnormal detects a malicious email, it automatically remediates it to a hidden folder within milliseconds, removing the possibility of end-user engagement, and logs a detailed analysis of the attack in the Threat Log.


Explains Email Attacks in Detail


Abnormal provides searchable logs of every email message it categorizes and includes an in-depth Threat Log for messages marked as malicious.

Administrators can review high-level trends, deep dive into advanced attacks, or use search and respond capabilities to remediate misdirected messages.

Email Attacks

Integrates With Security Operations Tools


Abnormal integrates into incident response processes and tools to help analysts respond to security incidents. It triggers playbooks, creates tickets, and sends logs and metadata to SOAR, SIEM, and ITSM platforms.

Popular integrations include Palo Alto Networks, Splunk, and Crowdstrike.

Operation Tools Image

Legacy Approach to
Preventing Attacks

  • Manual threat remediation
  • Complex rules and policies
  • Legacy journaling
  • No vendor or supply chain intelligence
  • Time-consuming search and respond functionality
  • Limited ability to profile user behavior
  • Dozens of dashboards and products
  • Manual upgrades

Abnormal Inbound
Email Security

  • AI-based detection
  • No rules or policies
  • Easy API integration
  • Federated supply chain database
  • Search and respond in seconds
  • Profiles known behavior across employees, vendors, and organizations
  • One streamlined SaaS solution
  • Automatic enhancements

Deployment Outcomes


Instantly Protects Email



Seconds to integrate Abnormal with your cloud email.

Frees Up Analyst Time



Hours saved for security teams each week.

Prevents Inbound Attacks



Reduction in unwanted email and threats that land in employee inboxes.


Deeply Integrates With Cloud Security

Microsoft 365

Enhances security built into Microsoft 365 with AI-powered behavioral analysis to stop all email-based threats and account takeover attacks.

Google Workspace

Enhances built-in security capabilities within Google Workspace and uses the most advanced AI detection techniques to stop targeted phishing attacks.


Eliminate the Broadest Spectrum of Threats


Credential Phishing


Stop the full range of phishing attacks, including never-before-seen socially-engineered attacks.

Learn More

Business Email Compromise


Block seemingly trustworthy emails that induce employees to take actions that lead to financial loss and reputational damage.

Invoice and Payment Fraud


Defuse schemes to steal money via fraudulent invoices and prevent attackers from changing legitimate bank account details.

Supply Chain Compromise


Prevent attackers from exploiting compromised vendor accounts to launch email attacks against your organization.

Malware and Ransomware


Protect your end users from emails that contain malicious attachments, ransomware, and other viruses.

Spam and Graymail


Stop spam, unsolicited messages, and other unwanted email from reaching your end users.


Trusted by Global Enterprises

Integrates Insights Reporting 2

Stop Inbound Email Attacks Before They Reach Your Employees

Protect your organization from the full spectrum of email attacks with Abnormal.


Abnormal Resources

Fortune 200 wealth cover
As a leader in insurance and asset management, this Fortune 200 company recognizes that its security must protect its employees and customers from cyber attacks. Customers place their trust and their assets in the control of this company, so the security team built a robust solution reducing risk, gaining visibility, and securing user identity—the new perimeter.
Read More
B 1500x1500 Email Security Datasheet L1 R1 1
Stop the email attacks that bypass other solutions when you pair behavioral data science with risk-adaptive detection.
Read More
Resource 02 CISO
Business email compromise (BEC) is the most significant cybersecurity threat to enterprise organizations, with $2.4 billion lost in 2021 alone. This type of email attack occurs when a cybercriminal uses social engineering to impersonate a trusted contact—typically an executive, coworker, vendor, or partner.
Download Now
B 07 19 22 2022 Email Security Trends
We surveyed 300 security leaders to discover what matters most to them when it comes to email security in the current threat landscape.
Read More
B 1500x1500 Gartner Peer Insights Reviews blog
The Abnormal Security team is committed to providing the best possible solution and support experience to every customer. Here’s what a few of our customers have to say about us.
Read More
Report fscc cover
For years, executives were the go-to impersonated party in business email compromise attacks. Now, threat actors are opting to impersonate vendors and suppliers instead.
Download Now
B Gartner Highlights 1
The Gartner Market Guide for Email Security explains what integrated cloud email security (ICES) solutions are and why they’re essential for modern enterprises. Download a copy now to learn why enterprises are moving away from the SEG.
Read More