Stop Credential

Credential phishing leads to compromised accounts, providing attackers with a foothold inside the organization and putting the organization at risk for data loss or further attacks launched from within.

Attack Breakdown

The framework that attackers use when launching email attacks starts with the Pretext. Credential phishing attacks commonly impersonate a known Brand. The email will commonly include a link to a URL that will capture the credentials entered by the victim. Many credential phishing attacks are delivered to end-users because the URLs do not contain any traditional threat signals such as malware.

How Abnormal Stops Credential Phishing

Abnormal Behavior Technology (ABX) is Abnormal Security’s unique triangulation of Identity, Relationship and Content. Any single analysis may not lead to a high confidence decision, but ABX’s combination of the three pillars results in high precision and accurate identification of targeted email attacks.

  1. 01

    Abnormal Identity Model

    Abnormal builds external entity profiles with dozens of attributes. Key email addresses used by brands are tracked by the Abnormal Identity Model.

  2. 02

    Abnormal Relationship Graph

    Profiling of prior communications shows no prior observed communication between the sender address and the recipient.

  3. 03

    Abnormal Content Analysis

    Computer vision techniques analyze the URL page to identify brand logos, form fields, and containers.