About Email Account Takeover Protection

Abnormal can determine when legitimate end users have accessed accounts, or when a bad actor has accessed them, and automatically disable the compromised account.
About Email Account Takeover Protection

Video Transcript

Dallas Young, Senior Technical Marketing Manager

Your corporate credentials and cloud accounts are the keys to your business, making them a valuable target for bad actors.

Let's meet Renee. She typically logs into her corporate account around 8:00 in the morning from the San Francisco office location. The SOC team had received an alert from Abnormal that suspicious behavior was detected with Renee's account. A login event was detected from Microsoft Azure, originating from Hong Kong, which is thousands of miles from the San Francisco office, at around 2:01 pm.

Abnormal can determine when legitimate end users have accessed accounts, or when a bad actor has accessed them, by understanding key attributes like common IP addresses, or if the device has been accessed from another browser or operating system, or even items like too-fast-to-travel location signals.

In this case, she's never visited Hong Kong, and these signals indicate that Renee's account is being used from two locations at once, which is a critical indicator of a compromised account. In the example of Renee, Abnormal automatically executed a remediation playback via APIs that opened a ticket within ServiceNow and signed out of all active sessions, locked Renee's account, and reset the password.

This prevented a potentially serious security brief. And that's not all.

Since organizations are only as secure as their partners within the supply chain, Abnormal's VendorBase scans past emails to identify all your suppliers, partners, and vendors and continuously monitors them for risk by gathering signals across the entire enterprise ecosystem. It gives security teams complete visibility into all their vendors' security postures, their relationships within the organization, past compromises observed, a timeline of activity, and more.

End users are automatically protected from compromised vendor accounts and supply chain attacks. All attachments are scanned for suspicious information, such as modified banking details that are different from those typically associated with the vendor. This continuous monitoring of the vendor to assess risk scores through VendorBase ensures all Abnormal customers are safe from this compromised vendor account.

Want to know more? Schedule a threat assessment with Abnormal today. You will potentially uncover threats such as compromised accounts within your organization. It takes five minutes to set up, and there's absolutely no work for you to do. Let's talk.

See the Abnormal Solution to the Email Security Problem

Protect your organization from the full spectrum of email and collaboration application attacks with Abnormal.
See a Demo

Related Resources

B Seg WS
Explore how your security team can simplify email security by eliminating legacy secure email gateways (SEGs).
Watch Now
B 08 30 23 Avery Dennison Vid
Materials science and digital identification leader saves time and protects vendor relationships with Abnormal for Google Workspace.
Read More
Discover how EAB modernized their email security stack and blocked advanced attacks by saying goodbye to their SEG.
Watch Now
B 08 23 23 BRD03 Evan Asheem Video v2
Abnormal CEO and Co-Founder Evan Reiser sits down with Asheem Chandna, Greylock Partner and Investor to talk about the email security landscape and how Abnormal continues to protect its customers.
Watch Now
B 8 4 23 Integrations DS
Integrate with your security tools to centralize insights and speed up remediation.
Read More
B 7 27 23 SEG Webinar
Discover how DexKo Global modernized their email security stack and blocked advanced attacks by removing their legacy SEG.
Watch Now
B 07 07 22 Noname Vid
Fast-growing API protection provider protects its email ecosystem from advanced impersonation threats.
Read More
B 07 10 23 MKT338 CISO Roadshow One Pager
Discover how to protect your cloud email from the most advanced attacks.
Read More
B 08 25 23 MKT006 08 28 23 Updated cover graphics for Evan Changing Landscape Video
See how Abnormal is working to make the cloud a safer place for business by protecting against all types of attacks across all types of cloud applications.
Watch Now