BEC: Invoice & Payment Fraud - Abnormal Security

Solutions

Stop Invoice Fraud

Fraudulent invoices delivered by attackers have resulted in some of the largest financial losses from BEC. With thousands of vendors and thousands more invoices to manage, it becomes easy for attackers to get lost and fraudulent invoices to be paid time and again.

Stop Invoice Fraud​

Solutions

Stop Invoice Fraud

Stop Invoice Fraud​

Fraudulent invoices delivered by attackers have resulted in some of the largest financial losses from BEC. With thousands of vendors and thousands more invoices to manage, it becomes easy for attackers to get lost and fraudulent invoices to be paid time and again.

Attack Breakdown

The framework that attackers use when launching email attacks starts with the Pretext. Attackers will impersonate a Brand, Internal Employee or a trusted External Partner/Vendor. In the case of an Invoice Fraud, the attackers will impersonate a vendor using a variety of methods. The email will commonly deliver the false invoice as an attachment, bypassing analysis due to lack of any traditional threat signals such as malware.

How Abnormal Stops Invoice Fraud (BEC)​

The Abnormal Advantage

See how Abnormal stops Invoice Fraud.

How Abnormal Stops Invoice Fraud (BEC)

Abnormal Security uses a unique triangulation of Identity, Relationship and Content signals. Any single analysis may not lead to a high confidence decision, but Abnormal’s combination of these three pillars results in high precision and accurate identification of targeted email attacks.

01

Abnormal Identity Model

Abnormal builds external entity profiles with dozens of attributes. Financial requests from entities that have not regularly had a cadence of invoicing are suspicious.

02

Abnormal Relationship Graph

Profiling of prior communications shows no prior observed relationship between sender and recipient.

03

Abnormal Content Analysis

Computer vision techniques analyze the attachment. Prior references to the vendor in the invoice are checked, in addition to the bank name and routing information. Natural Language Processing algorithms analyze the email content for Topic and Sentiment.

01

Abnormal Identity Model

Abnormal builds external entity profiles with dozens of attributes. Financial requests from entities that have not regularly had a cadence of invoicing are suspicious.

02

Abnormal Relationship Graph

Profiling of prior communications shows no prior observed relationship between sender and recipient.

03

Abnormal Content Analysis

Computer vision techniques analyze the attachment. Prior references to the vendor in the invoice are checked, in addition to the bank name and routing information. Natural Language Processing algorithms analyze the email content for Topic and Sentiment.