B Troy H Webinar 09 19 22

Webinars

In this webinar, Abnormal CISO Mike Britton is joined by Troy Hunt, an expert in compromised credentials and the brains behind HaveIBeenPwned.com, to examine account takeover attacks.

Troy Hunt on ATO: Account Takeovers as the Hidden Threat

Account Takeover

B Account Takeover 08 22 22

White Papers

Even one successful compromised account can start a cascade of other internal and external attacks, making it possibly the most dangerous email threat organizations face.

CISO Guide to Account Takeover

Healthcare ato cover

For cybercriminals, penetrating a healthcare organization is like striking gold. Provider and payer professionals have access to some of the highest-value data in the world, including patients’ personal details, medical histories, social security numbers, insurance information, and more.

Account Takeover Prevention: A Critical Security Control for Today’s Healthcare Organizations

Resource Center: Q2 2021: High-Profile Socially-Engineered Email Attacks Drive Record-High Employee Engagement & Fraud

B 04 20 23 Gartner report

Analyst Research

Abnormal’s fundamentally different approach to cloud email security provides the best protection against existing and emerging attack techniques.

2023 Gartner® Market Guide for Email Security

Email Security

B 02 15 23 ROI Calculator

Tools

Discover the ROI you can experience with Abnormal Security.

ROI Calculator: Discover Your Abnormal Return on Investment

Abnormal Platform

B 02 08 23 1500x1500 H12023 Threat Report

Threat Reports

Abnormal’s latest report on business email compromise trends and statistics finds that employees open 28% of attacks and reply to 15% of them.

H1 2023: “Read” Alert: Data Shows 28% of BEC Attacks Opened by Employees

B 04 20 23 Forrester Total Economic Impact Study of Abnormal Security

Learn how investing in Abnormal Security can yield a 278% ROI within 3 years and help your organization avoid $4 million in losses from BEC.

Forrester Total Economic Impact™ Study of Abnormal Security

Template - Resource Center

Schedule a Demo

Resource Center

Exploring the Rise of Israel-Based BEC Attacks

chakra-ui-ChakraProvider

Footer

Screen

react-awesome-reveal

lottie-react

plasmic-embed-css

plasmic-query

plasmic-basic-components

Abnormal Design System

react-slick

Abnormal Solutions

react-scroll-parallax-global

Abnormal Pages

Abnormal Legal

Abnormal Why Abnormal

Abnormal Landing Pages

Abnormal Marketing

Abnormal Partners

Abnormal Products

antd5 hostless

Attackers are leveraging <a href="https://abnormalsecurity.com/glossary/social-engineering">social engineering</a> to drive significantly higher engagement and account takeover. In our latest threat report, Abnormal found that attacks are growing at significant rates, as threat actors leverage social engineering strategies to bypass SEGs and drive engagement with targets.
Download the threat report to learn about: 
<ul><li>The rate of engagement with socially engineered attacks that bypass traditional email security </li><li>The dangers of lateral phishing attacks from compromised internal accounts</li><li>The growth in malicious mail filters, indicative of account takeovers, from Q4 2020 to Q1 2021</li><li>How the percentage of companies hit by vendor email compromise attacks has grown</li></ul>
Get the latest research on these highly dangerous attacks. Fill out the form to download the report today. 
After reading this report, you are eligible for .5 CPE credits through (ISC)².

Thanks for your interest in the Q2 2021 Email Threat Report! <a href="https://cdn2.assets-servd.host/gifted-zorilla/production/images/blog/Q2-2021-Email-Threat-Report.pdf">Click here</a> to download the PDF, or view the text below. To claim your (ISC)² CPE credit, please fill out <a href="https://docs.google.com/forms/d/e/1FAIpQLSeXpNB-pZ-mhmRUQCxme-d5JCj_4lDYyxVyRHiDBb2ypV5xfQ/viewform" target="_blank" rel="noreferrer noopener">this form</a>.

On March 17, the FBI released its seminal annual Internet Crime Report. Once again, socially-engineered attacks (including business email compromise, spoofing, and phishing) by far were the number one cybercrime by financial loss, accounting for $2.1 billion of the $4.2 billion in losses to U.S. businesses and consumers. These attacks utilize impersonations to get companies to transfer money to fraudulent accounts, and pose significantly more financial danger to an organization than well-known tactics such as malware and ransomware.
As the FBI noted in its report, “fraudsters have become more sophisticated by evolving their techniques to use social engineering to compromise vendor email accounts and use stolen identities to establish bank accounts to receive stolen funds through invoice fraud.”
Attackers haven’t let up in 2021. As the only source of industry data on the true volume of BEC attacks, we found that attacks across a variety of categories grew at significant rates. Quite simply, attackers are more successful by using socially engineered attacks to bypass existing protections such as secure email gateways.
Key Research Takeaways: <ul><li>The rate of employee engagement increased by 50% for socially engineered attacks that bypass secure email gateways or other existing protections.</li><li>Employees are four times more likely to engage attackers through lateral phishing attacks from compromised internal accounts than with credential phishing from external accounts.</li><li>There was a 250% increase in the presence of malicious mail filters from Q4 2020 to Q1 2021.</li><li>The percentage of companies across industries hit with VEC attacks increased 119% between July 2020 and April 2021. </li></ul>
It’s clear traditional secure email gateway defenses were not designed to stop socially-engineered attacks. In order to stem the tide, organizations need to consider a new approach. Without one, high-profile attacks such as SolarWinds and USAID, which we can surmise started with socially-engineered campaigns, will continue to cause severe financial and reputational loss.

For socially-engineered BEC attacks, there is a 50% increase in employee engagement when compared to traditional email attacks. Socially-engineered attacks are zero-day in nature, have never-seen-before and contain no malicious payloads. These techniques make them more successful at bypassing traditional defenses and eliciting engagement in order to lure targets into rerouting funds.
For less sophisticated traditional email attacks that contain malicious attachments or links there’s relatively low engagement - approximately 3% overall - and hence do not pose as much of a financial risk as socially engineered attacks.

According to the FBI, Socially-Engineered email attacks are responsible for more than $2.1B in lost revenue last year, by far the most of any security threat. They use impersonations to get companies to transfer money, and pose significantly more financial danger to an organization than well-known tactics such as malware and ransomware.

Q1 2021 4

We can surmise that high-profile attacks such as SolarWinds and USAID started with a successful credential phishing attempt of a vendor or employee account.
Once an employee’s account credentials are phished, attackers can move laterally across the organization (known as east-west traffic), and send malware or ransomware attacks that are likely to be engaged with. Lateral, east-west traffic often goes undetected by traditional defenses that miss out on device and sign-in location data signals.
In contrast, with an API architecture approach, organizations should be able to detect east-west traffic and catch internal account compromises.
API Architecture Enables Compromise and Phishing Detection
The new API-driven approach pioneered by Abnormal Security uniquely leverages behavioral data science to profile and baseline good behavior to detect account compromises and phishing attacks. We deliver this approach through a cloud native email security platform that can be deployed instantly into Microsoft Office 365 via a 1-click API integration - and can be used to extend your existing Secure Email Gateways.

The presence of malicious mail filters jumped considerably this past quarter. There was a 250% increase in malicious mail filters from 7% to 23% between Q4 2020 and Q1 2021.
Malicious mail filters indicate an attacker either currently has, or previously had, compromised the account and set up mail configurations to obfuscate their tracks. The mail filter can be used to redirect emails to an impersonated domain, or send replies to the junk folder or trash.
Overall, we see that at least 6% of the mail filters explicitly forward or redirect internal messages to an external domain, and another 8% hide invoice-related messages.
The presence of malicious mail filters goes undetected by traditional email security defenses. In order to combat them, organizations need an API-architecture approach that can detect abnormal behavioral patterns to prevent these attacks.
How Mail Filters are Maliciously Used<ol><li>Redirects conversation to an impersonated domain</li><li>Sends replies meant for the real accounts to Junk folders or Trash </li></ol>

Q1 2021 5

The percentage of companies across industries getting hit with VEC attacks increased 119% from July 2020 to April 2021, as threat actors increasingly see communications between vendors and customers as the weakest link and focus their efforts on these types of supply chain attacks.
There have been a string of recent high-profile, socially-engineered phishing attacks this year, with SolarWinds and the USAID attack, which we can surmise all started with credential phishing attempts of a vendor or employee email account. 
These attacks are hard to detect for organizations because they leverage trusted relationships. Forward-thinking security professionals are increasingly coming to the conclusion their security is tied to their partner ecosystem, which in many cases spend less on security than they do.
To combat vendor compromise attacks, organizations need a solution (VendorBase) that can automate the process of knowing which vendors are compromised and remove the manual burden of remediating and investigating VEC attacks from compromised vendors.

Q1 2021 2

Q1 2021 3

Q2 2021 Email Threat Report

Threat report 2

Homepage

Breadcrumbs

Abnormal Security provides advanced email security to prevent credential phishing, business email compromise, account takeover, and more.

Abnormal Security

Attackers are leveraging social engineering to drive significantly higher engagement and account takeover. In the Q2 2021 threat report, Abnormal found that attacks are growing at significant rates, as threat actors leverage social engineering strategies to bypass SEGs and drive engagement.

Q2 2021: High-Profile Socially-Engineered Email Attacks Drive Record-High Employee Engagement & Fraud

Attackers are leveraging social engineering to drive significantly higher engagement and account takeover. In the Q2 2021 threat report, Abnormal found…

description

engineering, social, drive, engagement, threat, significantly, report, rates, actors, leverage, strategies, segs, leveraging, higher, account

keywords

https://optimise2.assets-servd.host/gifted-zorilla/production/images/threat-report-2_2021-09-29-202645_ugjr.png?w=1200&h=630&q=82&auto=format&fit=crop&dm=1675097581&s=0361cfe719cf77176c0e0dd1d95ce0a1

Q2 2021: High-Profile Socially-Engineered Email Attacks Drive…

https://abnormalsecurity.com/resources/threat-report-q2-2021-socially-engineered-attacks

referrer

robots

twitter:card

twitter:creator

twitter:description

https://optimise2.assets-servd.host/gifted-zorilla/production/images/threat-report-2_2021-09-29-202645_ugjr.png?w=800&h=418&q=82&auto=format&fit=crop&dm=1675097581&s=06faf2b12ff4250fb1e8e00407d04da0

Q2 2021: High-Profile Socially-Engineered Email Attacks Drive Record-High Employee Engagement & Fraud

Download Now

See the Abnormal Solution to the Email Security Problem

Related Resources