Threat Intel

B Midnight Hedgehog Mandarin Capybara

Author crane hassold

Crane Hassold

Discover how two BEC threat groups are using automated translation tools to execute payment fraud and payroll diversion attacks in several languages simultaneously.

BEC Groups Wage Multilingual Executive Impersonation Attacks Targeting Companies Worldwide

B Firebrick Ostrich Blog

Discover how Firebrick Ostrich uses open-source intelligence to run their BEC scams in these supply chain compromise examples.

BEC Group Incorporates Secondary Impersonated Personas and Lookalike Domains in Convincing Third-Party Reconnaissance Attacks

B Threat Intel Phishing Attacks HR Policies

Threat actors are capitalizing on the new year, posing as human resources officials to send credential phishing attacks.

Phishing Attacks Pose as Updated 2023 HR Policy Announcements

Artificial Intelligence

Data & Trends

B 12 12 22 Chat GPT

Discover how ChatGPT can be used by threat actors to run business email compromise schemes and other email attacks.

The Double-Edged Sword of ChatGPT: How Threat Actors Could Use It for Evil

B 1500x1500 Holiday Threats Email L2 R1

Reduce your risk of a BEC or phishing attack this holiday season by watching out for these email threats.

Email Threats to Watch Out for During the Holidays

B 1500x1500 Lilac Wolverine L1 R1

Threat group Lilac Wolverine is fine-tuning the art of exploiting people’s willingness to help others in some of the largest gift card attacks we've seen.

BEC Group Compromises Personal Accounts and Pulls Heartstrings to Launch Mass Gift Card Attacks

B 1500x1500 Q3 Ransomeware L1 R2

This post explores the continuation of the sharp decline in ransomware attacks as well as a few other notable data points from Q3 2022.

Q3 2022: Ransomware Activity Levels Off, but the Landscape is More Centralized Than Ever

B 1500x1500 Crimson Kingsnake L2 R1

Uncovering how threat group Crimson Kingsnake uses third-party impersonation tactics to swindle organizations across the world.

Crimson Kingsnake: BEC Group Impersonates International Law Firms in Blind Third-Party Impersonation Attacks

B Active Defense

Learn about active defense, an innovative approach our threat intel team uses to understand and block business email compromise attacks.

Active Defense: Socially Engineering the Social Engineers

B 10 3 22 Cobalt Terrapin Blog

Threat group Cobalt Terrapin uses sophisticated impersonation techniques with multiple steps to commit invoice fraud.

BEC Group Uses Manufactured Email Threads and Brand Impersonation to Facilitate Invoice Fraud

B Back to School

Discover how threat group Chiffon Herring leverages impersonation and spoofed email addresses to divert paychecks to mule accounts.

Back to School: BEC Group Targets Teachers with Payroll Diversion Attacks

B 1500x1500 Q2 2022 Ransomware Landscape

The number of ransomware attacks continued its downward trend in Q2 2022. Learn why and discover more about ransomware threat actors and targets.

Q2 2022: Ransomware Landscape Continues Its Decline as Another Major Group Shuts Down

B 07 14 22 4types

Understanding the ways cybercriminals execute financial supply chain compromise is key to preventing your organization from falling victim to an attack.

The 4 Most Damaging Types of Financial Supply Chain Compromise

B 07 07 22 Financial Supply Chain Compromise

Financial supply chain compromise, a subset of business email compromise (BEC), is on the rise. Learn how threat actors launch these sophisticated attacks.

Understanding the Basics of Financial Supply Chain Compromise

B 06 21 22 Threat Intel blog

Executives are no longer the go-to impersonated party in business email compromise (BEC) attacks. Now, threat actors are opting to impersonate vendors instead.

New Abnormal Research Shows Rise in Financial Supply Chain Compromise as Attackers Turn to Vendor Impersonation

B 05 27 22 Active Ransomware Groups

Here’s an in-depth analysis of the 62 most prominent ransomware groups and their activities since January 2020.

A Deep Dive into Active Ransomware Groups

B 05 03 22

Like all threats in the cyber threat landscape, ransomware will continue to evolve over time. This post builds on our prior research and looks at the changes we observed in the ransomware threat landscape in the first quarter of 2022.

Ransomware Volume Drops as a Main Player Exits the Stage

Business Email Compromise

Blog fbi ic3 cover

It’s IC3 Report week! In what has become an annual holiday for anyone that’s heavily involved in researching business email compromise (BEC) attacks, the FBI released its 2021 Internet Crime Report that details trends in various types of cybercrime activity over the past year.

Unlucky #7: FBI Data Shows BEC Is the Top Cyber Threat for Seventh Year in a Row

Blog ransomware victims cover

Looking at the overall volume trends, there have been two main spikes in ransomware activity over the last two years.

The Victimology of Ransomware: 4,200 Ransomware Victims and Counting

Blog driviing factors cover

As part of our research, we dove into why ransomware has changed and how each variable influences the overall threat of ransomware in distinctly different ways.

The Driving Factors Behind Today’s Ransomware Landscape

Ransomware victim blog cover

New research from the Abnormal Threat Intelligence team shows that ransomware delivery methods have evolved, payouts are growing in frequency and total cost, and there are more malicious actors participating in ransomware than ever before.

New Ransomware Research Shows Growth Trends Across the Threat Landscape

Blog yellow ransomware screen

On August 12, 2021, we identified and blocked a number of emails sent to Abnormal Security customers soliciting them to become accomplices in an insider threat scheme. The goal was for them to infect their companies’ networks with ransomware. These emails allege to come from someone with ties to the DemonWare ransomware group.

Nigerian Ransomware: An Inside Look at Soliciting Employees to Deploy DemonWare

Demo

Schedule a Demo

Product

Black Hat Product Launch Cover

Person Evan Reiser

Evan Reiser

Abnormal AI announces Security Posture Management for Microsoft 365, international expansion, and Email Security product innovations at Black Hat 2025.

Introducing Security Posture Management for Microsoft 365 (and Six Powerful Platform Enhancements)

B 1500x1500 MKT889c Forrester Wave

Author Lane Billings

Lane Billings

Abnormal AI received the highest scores possible in the Innovation and Roadmap criteria, the top score in the Strategy category, and above-average customer feedback.

Abnormal AI Named a Leader in The Forrester Wave™: Email, Messaging, And Collaboration Security Solutions, Q2 2025

Company & Culture

Gartner Peer Insights Customers Choice 2025 Cover

Alaina Kretchmer

Abnormal AI has been named a 2025 Gartner® Peer Insights™ Customers’ Choice for Email Security Platforms, based entirely on feedback from IT and security professionals. Learn how real users rated Abnormal across key criteria including deployment, support, and product capabilities.

Abnormal AI Recognized as a Customers’ Choice in 2025 Gartner® Peer Insights™ Voice of the Customer for Email Security Platforms

B 1500x1500 BLOG AI Phishing Coach Product Announcement

E03 C83 N442 J U047 UPX5 KLL 1305a10bd70a 512

Ryan Schwartz

Discover how Abnormal transforms security training with personalized phishing simulations, real-time coaching, and fully autonomous program management.

Introducing AI Phishing Coach: Personalized, Autonomous Security Awareness Training

Vendor Email Compromise

B Vendor Email Compromise Case Study Blog

Author Callie Hinman

Callie Baron

Author Elizbeth Swantek

Elizabeth Swantek

See how a real vendor email compromise attack fooled multiple employees. Learn why VEC succeeds and how AI makes these threats more dangerous.

Thread Hijacked: Breaking Down a Real Vendor Email Compromise Attack

Email Subscribe

<p> Subscribe to our newsletter to receive updates on the latest attacks and new trends in the email threat landscape.</p>

Homepage

Breadcrumbs

Abnormal AI provides advanced email security to prevent credential phishing, business email compromise, account takeover, and more.

Abnormal AI

Learn about the latest cybercrime attack types and email security data trends and discover the latest product and company announcements from Abnormal.

Email Security Blog

description

cybersecurity, insight, news, team, latest, experts

keywords

https://images.abnormalsecurity.com/production/images/L_Abnormal-homepage_Opengraph.png?w=1200&h=630&q=82&auto=format&fit=crop&dm=1740090372&s=5d61b4c2e242be3ca70dfe1d54859b11

referrer

robots

twitter:card

twitter:creator

twitter:description

https://images.abnormalsecurity.com/production/images/T_Abnormal-homepage_Opengraph.png?w=800&h=418&q=82&auto=format&fit=crop&dm=1740090398&s=d6f915fc8861f3928b09a79dae44e4be

twitter:image

twitter:image:alt

twitter:image:height

twitter:image:width

twitter:site

twitter:title

{"title":{"title":"Email Security Blog | Abnormal AI"}}

Abnormal Blog

<p>Named a 2025 Gartner® Peer Insights™ Customers’ Choice for Email Security</p>

.css-bmf3w{font-family:inherit;font-size:15px;font-style:normal;font-weight:400;line-height:24px;}Abnormal Blog.css-7dny4u{-webkit-padding-start:12px;padding-inline-start:12px;-webkit-padding-end:12px;padding-inline-end:12px;display:inline;}/Author/Crane Hassold

Crane Hassold

Abnormal Blog/Author/Crane Hassold