Beyond just email, other communication platforms like Teams and Slack are vital to monitor and protect because threat actors are always looking for new avenues to attack end users. While your users at this point are fairly wary of emails due to the continuous awareness training that we have done, I would bet that almost all of your users trust the communications that they see on Slack and Teams.
Now, imagine if a vendor or partner that you communicate with on Teams and/or Slack, in this case we're looking at Teams, has one of their users become compromised. The threat actor is now able to send messages as that compromised user to your users, and your users are going to have a much higher likelihood of acting on the request or, as we see in this case, clicking on a potentially malicious link.
Abnormal is able to detect these malicious activities and enable analysts to swiftly take action on the affected users.
