Payloadless phishing attacks are text-based email attacks without malicious attachments or links. Attackers impersonate known vendors, brands, or employees to engage with recipients and use social engineering tactics to deceive the recipient.
A popular scheme is where attackers encourage the recipient to call a support center, where they will receive instructions on accessing a malicious link or downloading compromised files.
Let’s see how Abnormal can stop it.
This is an email from McAfee support reminding the recipient that they will be automatically charged $600 dollars to renew their membership. To cancel this charge, they are told to contact support using the telephone number included in the email.
If we take a closer look, we can see that attackers are using an email address from a free domain - we know that is not true for McAfee - and what makes this message dangerous is that they are requesting users to engage using a telephone number. If users decide to call this number, there are several actions attackers could take, from requesting a credit card number to installing third-party apps to help “remove the software”.
So how was Abnormal able to detect this type of attack?
Abnormal uses tens of thousands of signals to understand every identity, providing context on relationships, communication patterns, and behaviors within and between your organization and others.
Abnormal combines identity understanding with a deep content analysis, capable of identifying that not only is this sender unusual but also that the language used is trying to engage with the recipient. It also identified that the email body uses language targeted at stealing personal information or money from the organization.
After detection, Abnormal automatically remediates the message, eliminating the chance of engagement by the recipients. By doing so, end users never see the email and never have the opportunity to call the included telephone number.
Discover more about how Abnormal detects and blocks payloadless email attacks by requesting your personalized demo today.
