Attack Stories

Blog mail impesrsonation

L Blog Author

Abnormal AI

Attackers impersonated USPS while sending out phishing emails designed to steal payment credentials.

USPS Impersonated in Credit Card Phishing Scam

Blog bitcoin ledger

Cybercriminals attempted a phishing scam to access cryptocurrency wallets by impersonating Ledger.

Ledger Impersonated in Cryptocurrency Scam

Blog keyboard circle

Facebook phishing attacks are popular because users tend to use the same email address and password for other sites. In this attack, the cybercriminal impersonates Facebook to send out a phishing attack using a legitimate Facebook link.

Facebook Impersonated in Credential Phishing Scam

Blog healthcare ceiling

Healthcare continues to be a preferred method for cyber attacks, and this attack features an impersonation of UnitedHealthcare in the form of a request for a claim. The email appears to originate from notifications@e-notifications.myuhc.com, which is an authorized...

Spoofed Healthcare Email Used for Identity Theft

Blog circular downward

Microsoft Office offers one-time purchase and subscription plans and has numerous official resellers for its products. Scammers use this fact as an opportunity to impersonate Microsoft and their resellers in order to steal sensitive user data, as well as for...

Microsoft Renewal Scam Leads to Financial Loss

Blog green surveymonkey

SurveyMonkey is a survey service that is normally used to host legitimate surveys. However, sometimes attackers will utilize file sharing and surveying sites like SurveyMonkey to host redirect links to a phishing webpage. By using these legitimate services...

SurveyMonkey Used in Office 365 Phishing Attempt

Blog yellow calendar

Financial institutions are common targets for attackers because of the amount of money in their control. Access to a user’s sensitive information would allow an attacker to commit identity theft, as well as steal any money associated with the account. Many of...

Calendar Invite Used to Access Bank Accounts

Blog yellow tunnel

Vendor email compromise, in which a compromised vendor sends invoice or payment attacks to their customers, is growing in popularity. An easier to detect method of this attack happens when a vendor is impersonated, rather than compromised. In this attack, the...

Vendor Impersonated in Invoice Fraud Attack

Blog purple waves

Companies have largely transitioned to working from home where they can in response to the current pandemic and are relying on conferencing software such as Cisco WebEx. Attackers are taking advantage of this transition to impersonate collaboration and...

WebEx Impersonated in Credential Phishing Attack

Blog green leaf pattern

We caught a recent phishing attack through a fake Microsoft Teams email designed to steal Office 365 login credentials.

Microsoft Teams Impersonated in Office 365 Phishing Attack

Demo

Schedule a Demo

Threat Intel

B EDU Duo MFA Threat Intel Report Blog

Author Callie Hinman

Callie Baron

Author Piotr Wojtyla

Piotr Wojtyla

A phishing campaign targeting higher education steals credentials and Duo OTPs to compromise accounts, exfiltrate data, and launch lateral attacks.

Attackers Steal Duo OTPs to Compromise Higher Ed Accounts

Artificial Intelligence

Defensive AI Meets Cover pptx

Jaroslav Kalfar Photo

Jaroslav Kalfar

As the battle between good AI and malicious AI plays out in cloud email environments, CISOs are turning to behavioral intelligence to keep pace.

Defensive AI Meets the Inbox: The CISO Guide for the AI Arms Race

Product

B 1500x1500 BLOG AI Phishing Coach Product Announcement

E03 C83 N442 J U047 UPX5 KLL 1305a10bd70a 512

Ryan Schwartz

Discover how Abnormal transforms security training with personalized phishing simulations, real-time coaching, and fully autonomous program management.

Introducing AI Phishing Coach: Personalized, Autonomous Security Awareness Training

Vendor Email Compromise

B Vendor Email Compromise Case Study Blog

Author Elizbeth Swantek

Elizabeth Swantek

See how a real vendor email compromise attack fooled multiple employees. Learn why VEC succeeds and how AI makes these threats more dangerous.

Thread Hijacked: Breaking Down a Real Vendor Email Compromise Attack

Email Subscribe

<p> Subscribe to our newsletter to receive updates on the latest attacks and new trends in the email threat landscape.</p>

Homepage

Breadcrumbs

Abnormal AI provides advanced email security to prevent credential phishing, business email compromise, account takeover, and more.

Learn about the latest cybercrime attack types and email security data trends and discover the latest product and company announcements from Abnormal.

Email Security Blog

description

cybersecurity, insight, news, team, latest, experts

keywords

https://images.abnormalsecurity.com/production/images/L_Abnormal-homepage_Opengraph.png?w=1200&h=630&q=82&auto=format&fit=crop&dm=1740090372&s=5d61b4c2e242be3ca70dfe1d54859b11

referrer

robots

twitter:card

twitter:creator

twitter:description

https://images.abnormalsecurity.com/production/images/T_Abnormal-homepage_Opengraph.png?w=800&h=418&q=82&auto=format&fit=crop&dm=1740090398&s=d6f915fc8861f3928b09a79dae44e4be

twitter:image

twitter:image:alt

twitter:image:height

twitter:image:width

twitter:site

twitter:title

{"title":{"title":"Email Security Blog | Abnormal AI"}}

Abnormal Blog

<p>Abnormal Innovate 2026: Live Insights from AI Experts</p>

vs Mimecast

vs Avanan

Secondary CTA

Whether FormComplete is utilized on a form

FormComplete

CTA Display

What text is displayed on the primary CTA (see sheet for details on copy)

Primary CTA Text

Form Columns

chakra-ui-ChakraProvider

Footer

Screen

PrimaryCtaText

FormColumns

CtaDisplay

VsMimecast

SecondaryCta

VsAvanan

Abnormal Solutions

react-awesome-reveal

lottie-react

date-fns

plasmic-nav

react-scroll-parallax-global

plasmic-embed-css

Abnormal Pages

Abnormal Careers

loading-boundary

plasmic-query

plasmic-basic-components

Abnormal Privacy/Legal

Abnormal Why Abnormal

Abnormal Landing Pages

react-aria

plasmic-rich-components

Abnormal Partners

Abnormal Products

Abnormal Design System

Abnormal Marketing

antd5 hostless

react-slick

.css-bmf3w{font-family:inherit;font-size:15px;font-style:normal;font-weight:400;line-height:24px;}Abnormal Blog.css-7dny4u{-webkit-padding-start:12px;padding-inline-start:12px;-webkit-padding-end:12px;padding-inline-end:12px;display:inline;}/Author/Abnormal AI

Abnormal AI

Abnormal Blog/Author/Abnormal AI