Prevent Malware and Ransomware Attacks

Stop the malicious malware that infects your computers and leads to breaches.

Ransomware Attacks Header V2


percentage of ransomware attacks delivered through email

Source: Barracuda Networks Research

11 Seconds

is the interval between global ransomware attacks

Source: 2017 Cisco Annual Cybersecurity Report


percentage of organizations impacted by ransomware

Source: Sophos, State of Ransomware 2021

Stopping the Most Malicious Attacks

Ransomware is the most malicious type of malware and employs encryption to hold information at ransom. When delivered through email, ransomware can establish its presence on an endpoint and then drop malicious binary on the system. This binary then searches for and encrypts valuable files, only releasing them after the ransom is paid. Making matters worse, in some cases these files are never released, even after paying the ransom. In these attacks, the threat actor ...


Buys or creates a malware program, typically one that launches upon click.


Targets an organization with an email spam campaign.


Waits while the malware executes malicious binary and encrypts valuable files.


Prompts the victim or organization to pay a ransom to decrypt the files.

abnormal recognizing a malware and ransomware email

Recognizing a Malware or Ransomware Attack

This email passed legacy controls because it comes from a legitimate email address and because the link leads to a legitimate document.

However, this email is the start of a malware attack:

  • The language contains urgent language with a link the user would be compelled to click
  • The link is a Google Doc—a common cybercrime tactic since these links are used daily for legitimate business purposes
  • The link leads to the download of a Microsoft Excel file with macros that could let attackers gain control and download ransomware

Based on this information, combined with the fact that this send has never before emailed the victim, Abnormal can determine that this is a malware attack.


Prevent Malware From Holding You Ransom

sample email with fake address

Detect Suspicious Correspondence Patterns

This email about a new required documentation appears to be sent from Printers and More, but the email address is actually one created to look similar to the real domain.

The email exhibits suspicious sending behavior and the sender uses language that is attempting to engage with Jim, but the email address does not match the display name—a common pattern in impersonation attempts.

sample email with malicious url

Block Malicious Links and Attachments

Abnormal finds that even though the link looks legitimate, it redirects to a suspicious site upon click.

The URL displayed within the email matches the company name that Jim would expect. If he were to see the email, he would have certainly clicked on the link.

Abnormal safely inspects links and attachments to ensure that they are safe, and finds that the link actually redirects to a Wordpress site that attempts to initiate a download of emotet—a sophisticated trojan that is a direct cause of advanced ransomware attacks.

real phone number detected

Provide Forensics To Security Teams

Abnormal protected Jim from this socially engineered ransomware attack. The security team is aware of it.

Abnormal automatically prepares a detailed analysis of the attack, and makes it available for the security team to review.

In addition to information on the unusual sender, the content and tone of the email, and the nature of the request, the team is also able to review the contents of the attachments and the links targets in preview mode.


Trusted by Global Enterprises


See the Abnormal Solution to the Email Security Problem

Protect your organization from the full spectrum of email attacks with Abnormal.

Integrates Insights Reporting 09 08 22

Related Resources

B 10 19 22 Product Demo Inbound
With Abnormal, security teams can now eliminate redundant email gateways and enhance Microsoft's built-in security capabilities.
Read More
B 04 20 23 Gartner report no button 1
Discover how to compare the critical capabilities of native cloud email providers and why Gartner believes behavioral AI is the key to protecting your organization.
Read More
B 02 08 23 1500x1500 H12023 Threat Report
Explore recent developments in the email threat environment, including the growing risk employees pose to an organization’s cybersecurity.
Download Now
B Theresa 10 13 22
In this webinar, Abnormal CISO Mike Britton is joined by Theresa Payton, cybersecurity expert and the first female White House CIO, to discuss ransomware.
Watch Now