We Protect Organizations From the Attacks That Matter Most

About abnormal

An Exponential Increase in Modern Email Attacks
Modern attacks, including business email compromise, supply chain fraud, and ransomware, are on the rise. According to the FBI, business email compromise alone accounted for 44% of all cybercrime losses in 2020, and that number is only growing as threat actors become more effective.

Modern Attacks Evade Secure Email Gateways
Traditional defenses rely on conventional threat intelligence and known bad indicators to block email threats. Modern attacks bypass secure email gateways because they come from trusted sources and do not contain malicious links or attachments.

You Need a Modern Approach to Email Security
Abnormal provides a fundamentally-different approach that precisely blocks all email attacks. Our modern, cloud-native API architecture continuously baselines known good behavior by leveraging identity, behavior, and content to detect and remediate anomalies.

Key Differentiators

Key differentiators

Why Should You Care?

Why care abnormal

The Attacks That Matter Most

Supply Chain Compromise

There’s an 82% chance of your organization being targeted by a supply chain attack this week. These attacks evade secure email gateways because they come from trusted senders whose accounts have been compromised.

How Abnormal Stops It:

  • Automatically knows your vendors. Abnormal’s VendorBase auto-identifies suppliers, vendors, and partners based upon past email communications and other signals gathered across the entire enterprise ecosystem.
  • Continuously assesses vendor risk and reputation. We assign a risk score for each vendor based on domain spoofed, accounts compromised, and suspicious business.
  • Inspects content, tone, and attachments. Abnormal inspects emails and attachments for suspicious information and identifies when a vendor has been compromised.

Executive Impersonation

29% of all socially-engineered attacks are a result of impersonation. These emails slip by secure email gateways because they are often text-based and rarely contain links or attachments.

How Abnormal Stops It:

  • Inspects email headers to expose impersonations. By analyzing header information, Abnormal can determine when an email domain has been spoofed.
  • Detects suspicious language, tone, and style. Even when messages contain no links or attachments, Abnormal recognizes language that is typical of phishing attacks.
  • Understands communication patterns. Abnormal uses natural language processing to
    understand people, their behavior, their communication patterns, and typical tone and content shared.

Account Takeover

26% of companies are targeted by account takeover attacks each week. When successful, threat actors receive access to sensitive information and can use these compromised accounts to launch further attacks.

How Abnormal Stops It:

  • Detects compromised accounts. By understanding and baselining normal login frequency, locations, devices, browsers, and IP addresses, Abnormal can determine when an account has been compromised.
  • Disarms takeovers automatically. Logs users out of active sessions, requires password resets, and helps affected users regain access.
  • Provides incident management and reporting. Allows teams to streamline remediation via integrations with IAM, SIEM, and SOAR tools.


76% of ransomware is delivered via email. Secure email gateways often miss these attacks when attackers combine social engineering with their ransomware schemes.

How Abnormal Stops It:

  • Detects suspicious correspondence patterns and credential phishing attempts. Abnormal uses identity detection and natural language processing to detect phishing attempts and other
    suspicious emails.
  • Blocks malicious attachments and links. The platform reviews all attachments and links to ensure they are safe, even if those links redirect upon click.
  • Provides explainable insights and malware forensics to security teams. Abnormal automatically prepares a detailed analysis of ransomware attempts, allowing teams to preview the content of attachments and link targets.

To learn more about how Abnormal can stop these attacks for you, request a demo of the platform today.

Demo 2x 1

See the Abnormal Solution to the Email Security Problem

Protect your organization from the attacks that matter most with Abnormal Integrated Cloud Email Security.

Related Resources

B 05 03 22 Using Modern Email Security Webinar
Secure email gateways (SEGs) focus on searching for known bad domains, attachments, and links. But threat actors have changed their tactics—opting to deceive humans instead of technology. It’s time for a modern solution to the email security problem, one that detects and prevents these attacks.
Watch Now
Resource 05 Webinar
With the rise of modern attacks such as supply chain compromise, executive impersonation, and account takeover, it's become obvious: the SEG no longer works. Learn what you need for complete defense in depth protection.
Watch Now
Abnormal microsoft data sheet cover
Complement Microsoft’s threat intelligence-based defenses with precise, behavioral analysis-based protection against all email and account takeover attacks.
Read More
Video 1
Abnormal can determine when legitimate end users have accessed accounts, or when a bad actor has accessed them, by understanding key attributes like common IP addresses, or if the device has been accessed...
Watch Now
Video 2
Socially engineered email attacks are the #1 security threat facing companies today, accounting for more than 44% of all cybercrime losses. To stop these types of sophisticated email attacks, you need a fundamentally new approach to email security.
Watch Now
Video 1
With Abnormal, security teams can now eliminate redundant email gateways and enhance Microsoft's built-in security capabilities. Once integrated via one-click API, Abnormal automatically profiles your VIPs and employees, their behavior, relationships, communication patterns...
Watch Now
Data sheet 1
Protect your end users from the full spectrum of targeted email threats: phishing, ransomware, fraud, social engineering, supply chain attacks, executive impersonation, spam, and graymail. Integrate with Microsoft 365 and Google Workspace via a one-click API without disrupting mail flow. No MX record changes, configuration, or custom policies are needed.
Read More
Data sheet 4
Supercharge your SOC workflows and save time with AI-assisted investigation, auto-remediation, follow-up, and reporting. Abnormal provides a frictionless method for user-reported phishing attacks to be submitted, triaged, and reviewed.
Read More
Data sheet 3
By understanding normal behavior, Abnormal can detect any deviations in these baselines to uncover potentially compromised accounts and then immediately remediate them. When left undetected, attackers can use compromised accounts to exfiltrate sensitive data or send lateral phishing emails.
Read More
Data sheet 2
Abnormal Security's Integrated Cloud Email Security (ICES) blocks socially-engineered attacks that secure email gateways miss.
Read More
Email security architectures cover
As organizations have moved their email servers from on-premise systems like Microsoft Exchange to cloud services like Microsoft 365, the range of permutations of email security solutions has also increased. See the range of security options available to organizations and how to solve for advanced threats.
Download Now
Cover ABX White Paper 04 12 22
Abnormal Behavior Technology (ABX) leverages innovative techniques to provide a revolutionary approach to detecting and mitigating targeted email attacks.
Download Now