Release Notes

We're constantly working to make the Abnormal product a world-class experience. See what's changed this month.

November 2020


  • Role-based Access Control Improvements: New UI capabilities to add users, assign user roles, and add/remove privileges for Portal Access. Customers benefit from complete self-serve control when granting Portal provisioning and increased options to ensure security and data access.
  • Cross-Tenant Abuse Mailbox Support: We now support multi-tenant Abuse Mailbox setups. Customers with multiple tenants who leverage a unified phishing mailbox can set up Abuse Mailbox without altering their workflow. Abnormal can extract abuse reports regardless of their tenant origination, as well as search and remediate message campaigns across all tenants.
  • VIP Notifications: We now provide the ability to send SOC team email notifications when an email attack campaign involves VIP recipients. Customers benefit from added visibility and control with proactive alerting for high-risk individuals.
  • Duo Integration: Abnormal now supports the ability to integrate with Duo to monitor and detect potential suspicious account activities, such as suspicious authentication events. Customers benefit from increased account protection and reduced risks in account compromise attacks.
  • Customer Best Practices Guide: We've released our Customer Best Guide for post-sale customer onboarding and product walk-through. Customers can benefit from improved documentation and understanding of Abnormal platform functionalities and feature offerings.


  • Safelisting Improvements: Added support for safelisting email addresses, domains, and IPs in the settings page. Customers benefit from improved control when configuring Abnormal settings.
  • Abuse Mailbox Improvements: Abuse Mailbox now supports the ability to quarantine messages upon user-reporting. In addition, we can attach original reported messages as .eml attachments in end-user auto-response notifications. The result is improved control in responding to the end user and set-up security workflow.
  • General Detection Improvements: We’ve improved detection precision for targeted advanced email attacks:
    • Billing account update model improvements: Vendor fraud models now use a more sophisticated text understanding in an effort to catch more invoice fraud attacks
    • Spam detection improvements: Increase precision of our models to catch spam
    • Election interference themed protection: Deployed models to identify election interference emails that threatened voters
    • Text-based tech support scam detection: Using fast-text retraining models, we are now catching more tech support scams where the body contains no malicious links or attachments, and where it has a call-to-action to call a scam phone number
    • Internal-to-internal monitoring: Abnormal now provides support to detect internal-to-internal attacks across multiple customer tenants and flags suspicious email communications that failed to be caught by the secure email gateway