Stop Invoice and Payment Fraud
Attackers regularly compromise vendor accounts or spoof trusted identities and target unsuspecting employees with fake invoices or payment requests.
Conventional email security solutions are often blind to these types of fraud.
of all breaches were financially motivated
average loss per reported incident
by conventional email threat intelligence tools
Recognizing Email-Based Invoice and Payment Fraud
Detecting Invoice and Payment Fraud
This email passed traditional threat intel and reputation checks, but is suspicious. Upon closer examination, we see that:
- It contains language that attempts to steal money from your organization
- Its tone suggests urgency
- The sender is a known vendor, but Theresa rarely corresponds with Jason
- The attachment contains a URL to an external website
Based on these factors, Abnormal can stop it.
Stop Email-Based Invoice and Payment Fraud that Evades Secure Email Gateways
Detect Suspicious Timing, Language, and Tone
This message from Cayman Bank shares new bank details and requests a wire transfer now.
Unlike secure email gateways, Abnormal goes beyond just looking for obvious signs of fraud, such as reply-to pivots, malicious IPs, or impersonated supplier domains. It also reviews every email, including those that are sent between colleagues that bypass usual security controls.
Abnormal flags messages with suspicious tone and language, and invoices that are sent out of the typical payment cycle.
Informed by Person’s Behavior and Relationships
Michael does not ask Dwight for wire transfers. Plus, his email came from Bucharest, 5 minutes after his last one from Scranton. Also, he never signs off with “Good day!”
Unlike other threat intelligence solutions, Abnormal continuously learns about
People: their behavior, tone, language used, content shared, and the context for their email-based relationships with others
Organizations: the nature of their business, their locations, and their interactions with other organizations
This intelligence flags suspicious emails with a high degree of confidence.
Inspect Attachments for Suspicious Content
Michael’s email attachment provides details for Cayman bank, a bank that has never been used by Dunder Mifflin.
Abnormal scans attachments and URLs for suspicious content, websites and metadata.
Only Abnormal reviews all previous and similar invoices to baseline what looks acceptable, in order to block invoice and payment fraud.