Company Overview

Industry: Business Process Outsourcing and Technology
Location:
Austin, Texas
Protected Mailboxes:
15,000+

Everise environment

Credential Phishing Attacks Surged, Targeted Everise

As businesses pivoted in the pandemic era, so did cybercriminals. In the US in 2020, phishing was the most common internet crime reported to the FBI, with more than 240,000 documented victims. And credential phishing attacks continue to rise sharply, from 66% of advanced attacks in Q4 2020 to over 73% in Q2 2021. Targeted phishing messages use deadline pressure and impersonation in ways that evade off-the-shelf security solutions. In the year since deployment, Abnormal AI-based anomaly detection has stopped thousands of these phishing attacks across more than 15,000 Everise inboxes.

Scaling Up Securely to Deliver New Client Solutions

Everise has been revolutionizing customer experiences since 2016. Combining technologies like AI and robotic process automation (RPA) with a focus on people, Everise provides innovative customer and technical support services to enterprises and high-growth companies in healthcare, technology, travel, logistics, and other industries in the Americas, Europe, and Asia. While Everise helps its clients reduce costs, protect their brands, and moderate their content, it also cultivates an internal culture that routinely wins awards for technology innovation, leadership, and employee experience.

By 2020, Everise had 4,500 employees in the United States, Guatemala, Ireland, Japan, Malaysia, and the Philippines, who are now working remotely. Our employees all work in contact centers, and during COVID we needed to rapidly shift our staff to a homebased model. Since we had improved our infrastructure in 2019, we were able to let our people take their PCs home to work,” said Bill Loss, Everise VP for IT Engineering and Technology Services.

By mid-2021, Everise had more than 11,000 employees to meet new demand for outsourced services. But the shift to remote work brought new email security risks. “Our people are good at what they do, but they’re not email security specialists, and attackers know that. That’s why ransomware, social engineering, and email attackers go after the human ‘soft targets’—to get results.

“Abnormal protects our executives from individually targeted attack emails that our first line of defense can’t catch. Our accounts payable team is safer and more efficient, too. Abnormal stops sophisticated malicious emails before our people ever see them.
- Bill Loss, VP for IT Engineering and Technology Services

Everise Sought New Protection to Excel at Employee and Customer Experience

As Everise worked to quickly extend its on-premises security practices to executive and employee home offices, they also had to contend with a rising tide of email attacks that were tailored to get past their existing security, including email security tools in Office 365 and employees’ security awareness training. “We started to see a large increase in the number of BEC attacks and social engineering attacks, primarily targeting senior leadership. We saw emails impersonating clients with fraudulent invoices seeking payment. Credential phishing emails impersonated our CEO and service providers like DocuSign,” said Amy Grisham, Director of IT Governance and Compliance. “We needed to stop these threats and to confidently recognize those emails coming from legitimate senders.”

And it wasn’t only front-line employees struggling to sort threats from safe messages. “It quickly became apparent, that more employees meant more targets. That was a lightbulb moment that made it clear we needed to focus more heavily on email security to prevent compromise that could damage our revenue, our employee experience, and the quality of the customer experience we deliver.”

Seeing the Email Threat Landscape Clearly

With their Abnormal risk assessment, they saw hundreds of email attacks in company inboxes. This trend would mean thousands of attacks were slipping through each year, each with the potential to cause financial losses and brand damage.

One surprising and disturbing finding: “We learned there are bad actors out there that know who works for our accounts payable team. They would send our AP team members very specific, personalized emails that look like legitimate invoices, but these attack emails actually included a payload in the invoice attachment to install malware, or they may be trying to get a fake invoice paid under false pretenses. If we stop those before it even gets to them, their day gets a lot easier.”

“Seeing the things that got past our initial security made us realize that we needed a better solution. Abnormal caught the more insidious threats and showed us we were getting many more financial-compromise emails than we had realized,” Loss said.

Everise stats

Everise Saves Time with Abnormal AI and ML Precise Detection

Abnormal saves Everise considerable time by eliminating the need to manually remediate email attacks and takes the pressure off to evaluate emails for threats. Everise relies on Abnormal’s behavioral AI-based detection engine to recognize legitimate senders and requests. Because Abnormal functions as a trusted partner to analyze emails, it can confidently respond to incoming messages faster and provide the best possible customer experience without delay.

Additionally, Abnormal gives Everise real-time visibility into email threats. “We have weekly leadership reviews with seven-day reports on the number of attacks Abnormal has stopped, trends over the past week, top impersonations in the environment, and top recipients of phishing attacks. Grisham said. “The Abnormal dashboards give more information than some other tools, like what our system is looking at, where users are logging in, their behavior and operating systems. We can dig down into the data in a way we can’t with a lot of other tools.”

Abnormal also makes it easy for employees to take an active role in threat prevention without overloading the SOC team. “Employees can report suspicious emails, following which Abnormal’s Abuse Mailbox automatically investigates and determines whether they are safe, malicious, or spam. If malicious, Abnormal automatically removes the emails from all inboxes."

“The integration was one of the easiest we’ve ever done. Turn it on, let it run, and see the results. You quickly realize Abnormal’s value to the organization."
- Amy Grisham, Director of IT Governance and Compliance

Abnormal Frees Everise to Deliver Exceptional Customer Experiences

Because of Abnormal, Everise is free to concentrate on delivering award-winning customer experiences—and to brainstorm more ways in which they can leverage Abnormal solutions to optimize their security. “Abnormal has been a great partner to work with,” Grisham said. “They go above and beyond in supporting their clients.” That dedication, plus the superior Abnormal technology, lets Everise focus on supporting its clients and growing its business.

Curious to learn how Abnormal could help your team succeed? Request a demo today for more information and to see how we stop advanced email threats.

Related Resources

Blog cybersecurity awareness month
October is the perfect time to evaluate your email security practices, both for your employees and across your organization. These resources can help.
Download Now
B 09 22 22 Government Solution Brief
Discover the AI-based email security platform that protects state and local governments from the full spectrum of email attacks.
Read More
B 09 16 22 Kroenke Opt 1 V2
Together, Abnormal and Microsoft provide Kroenke Sports & Entertainment with a robust, efficient security solution that blocks advanced threats from reaching inboxes.
Read More
B Higher Education
Discover the AI-based email security platform that protects educational institutions from the full spectrum of email attacks.
Read More
B 09 14 22 Choice Hotels
With Abnormal automatically handling advanced email threats, Choice Hotels now uses its time to fortify the entire hospitality cybersecurity space.
Read More
B 09 13 22 Healthcare Solution Brief
Discover the AI-based email security platform that protects healthcare organizations from the full spectrum of email attacks.
Read More
B 09 12 22 Retail Solution Brief
Discover the AI-based email security platform that protects retailers from the full spectrum of email attacks.
Read More
B Essential Guide
Discover common email security challenges, critical capabilities for cloud email security, and 10 considerations to shape your cloud email security strategy.
Download Now
B 08 08 22 H2 Threat Report com
From January-June 2022, Abnormal found a 48% increase in email attacks, and 68.5% of the attacks included a credential phishing link.
Download Now