CISO Insights

B 1500x1500 MKT1042m Social graphics for Cybersecurity Awareness Month blog post

Author mike britton

Mike Britton

Happy Cybersecurity Awareness Month!  Make sure your workforce is prepared to combat emerging threats all year with these 5 tips.

Cybersecurity Awareness Month: How CISOs Can Engage, Educate, and Empower Year-Round

Artificial Intelligence

Company & Culture

Pioneering Responsible AI Cover

Abnormal AI achieves ISO/IEC 42001:2023 certification, becoming an early adopter of the global standard for AI governance and risk management.

Pioneering Responsible AI: Abnormal Leads as Early Adopter of ISO 42001

Data & Trends

B Fin Serv Attack Trends Blog

Email attacks on financial services rose 25% year-over-year. Learn why FinServ is a top target and how threat actors exploit trust to deceive employees.

Assets Under Attack: Email Threats Targeting Financial Services Jump 25%

Business Email Compromise

Industry Research

B FBI IC3 2024 Report Blog

The 2024 FBI IC3 Report confirms BEC remains a top cyber threat, driving billions in losses alongside crypto-enabled investment scams.

2024 FBI IC3 Report: Business Email Compromise Remains a Multi-Billion Dollar Threat

B Nonprofit Attack Trends Blog

Advanced email attacks on nonprofits surged 35% year-over-year. Learn why cybercriminals are targeting the sector and how to stay protected.

Mission Interrupted: Nonprofits Face a Rising Wave of Email Attacks

B Gift Card Scams Tricker to Spot Blog

Learn why gift card scams are becoming more difficult to identify, how cybercriminals evolve their tactics, and strategies to protect your organization.

Why Gift Card Scams Are Getting Trickier to Spot

B Manufacturing Industry Attack Trends Blog

New data shows a surge in advanced email attacks on manufacturing organizations. Explore our research on this alarming trend.

Manufacturing Sector at Risk: Industry Faces Wave of Advanced Email Attacks

B Reg AI

There are ways to protect the public from the potential dangers of AI without stifling innovation—and the Europeans have already shown us how.

What the US Can Learn From the UK and EU  About Regulating AI

B Healthcare Industry Attack Trends Blog

Targeted attacks on the healthcare industry are on the rise. Explore the latest threat trends and learn how to protect your organization.

Critical Condition: Spike in Email Attacks Targeting the Healthcare Industry

B Transportation Industry Attack Trends Blog

Explore the latest attack trends in the transportation industry and learn how to defend against rising threats like phishing, BEC, and VEC.

Threats in Transit: Cyberattacks Disrupting the Transportation Industry

B How BEC Attacks Are Evolving in AI Era

Discover how to protect your business from sophisticated BEC attacks, including vendor email compromise, AI-generated scams, and email thread hijacking.

How BEC Attacks Are Evolving in the AI Era

Account Takeover

B Why MFA Alone Will No Longer Suffice

Explore why account takeover attacks pose a major threat to enterprises and why multi-factor authentication (MFA) alone isn't enough to prevent them.

Why MFA Alone Will No Longer Suffice

B State and Local Government Attack Trends

Advanced attacks targeting state and local governments are increasing. Discover what our research revealed about this alarming trend.

Phishing Attacks on State and Local Governments Surge 360%

Attack Stories

B UPS Fed Ex Phishing Impersonation

Attackers attempt to steal payment information by posing as UPS and FedEx and sending fake shipment notifications about a pending delivery.

Unpacking the Threat: UPS and FedEx Convincingly Impersonated in Phishing Attacks

B Cross Platform Account Takeover

Discover the dangers of cross-platform account takeover, the challenges of detecting this attack, and how to implement proactive protection against ATO.

Protecting Against Cross-Platform Account Takeover

B MKT498 Images for FBI IC3 2023 Report Blog

Explore the biggest takeaways from the 2023 FBI IC3 Report, including the steady increase in losses due to business email compromise (BEC).

Key Takeaways from the 2023 FBI IC3 Report: Business Email Compromise Losses Jump to Nearly $3 Billion

B 1500x1500 CISO Chat GPT Recap Blog 03 04 24

In this Vision 2024 CISO panel recap, Mike Britton shares some of the biggest takeaways from his conversation with industry-leading CISOs.

CISO Chat(GPT): How Top Brands Are Using AI in Cybersecurity

B 1500x1500 MKT477 Energy Infrastructure Data Blog

Energy and infrastructure organizations face an increased risk of business email compromise and vendor email compromise attacks. Learn more.

Energy and Infrastructure Industry Sees Steady Growth in Cyberattacks

Credential Phishing

B 1500x1500 MKT468a Open Graph Images for Phishing Subjects Blog

Discover the most engaging phishing email subjects, according to Abnormal data, and how to protect your organization from these scams.

Hooked on Phishing: The 5 Most Popular Themes That Encourage Users to Click

Thought Leadership

B 1 17 24 Best Practices 1

Discover key cybersecurity strategies for protecting your organization against emerging email threats in 2024.

Email Security Best Practices for 2024 (and Beyond)

B 12 18 23 Gen AI

See how attackers are using generative AI in their email attacks to bypass email security solutions and trick employees.

Uncovering AI-Generated Email Attacks: Real-World Examples from 2023

B 1500x1500 MKT440a Bazarcall Attack Blog Graphics

Explore the intricacies of this BazarCall phishing attack that uses a Google Form for heightened authenticity.

BazarCall Attack Leverages Google Forms to Increase Perceived Credibility

B Disney Attack Blog

This Disney+ scam email uses brand impersonation and personalization to send a convincing fake subscription charge notice.

Disney+ Impersonated in Elaborate Multi-Stage Email Attack with Personalized Attachments

B Cryptocurrency Donations Attack

Attackers attempt to solicit fraudulent donations via cryptocurrency transfers under the guise of collecting donations for children in Palestine.

Attackers Exploit Middle East Crisis to Solicit Fraudulent Cryptocurrency Donations for Children

B Bittrex Phishing Attack

Attackers capitalize on the Bittrex bankruptcy by targeting customers with a convincing credential phishing attack.

Threat Actors Capitalize on Bittrex Bankruptcy to Launch Targeted Phishing Attack

B CISO Career Tips

Interested in charting a course toward becoming a CISO? Here are 12 tips to help you on your journey.

12 Strategic Career Tips for Aspiring CISOs

B Health Care

Email attacks like BEC against the healthcare industry are on the rise in 2023. Protect yourself with sophisticated cloud-native email security.

Healthcare Organizations Experience 279% Increase in Business Email Compromise in 2023

B Nigerian Prince

Scams about the Nigerian Prince that promise millions have been around for decades. But they are transitioning, now using ChatGPT and similar tools to seem more convincing.

The Nigerian Prince is Alive and Well: Cybercriminals Use Generative AI and New Themes to Run Their Scams

B 8 23 23 Mic Phishing

It’s 2023 but not much has changed in phishing, as brand impersonation remains an attacker favorite.

Microsoft Impersonated Most in Phishing Attacks Among Nearly 350 Brands

Vendor Email Compromise

VEC attacks blog cover

Discover how one threat actor compromised five vendor organizations to commit the same invoice fraud attack against more than a dozen victims.

VEC Attacks on Replay: Attackers Use the Same Message to Target Victims in Critical Infrastructure

Threat Intel

B 7 19 23 Fed Email Breach

Discover key cybersecurity takeaways from last week’s email breach on federal agencies by a Chinese APT group.

Lessons Learned from Last Week’s Email Breach on Federal Agencies

Third-Party App Attacks

B 6 8 23 Collab

Business collaboration tools help employees with productivity and communication. But they can also present a number of cybersecurity risks for your business.

5 Security Risks of Collaboration Tools

B 6 2 23 cybercriminals

Businesses need to stay ahead of malicious apps, social engineering, and more to keep their emails safe.

3 Ways Cybercriminals are Targeting Your Email

BC 5 31 23 Vendor Risks

Learn the biggest risks associated with your vendor relationships and how to protect your organization from Vendor Email Compromise (VEC) attacks.

An Overview of Vendor Risks: Tips for Vendor Procurement and Security Assessments

B 5 15 23 Israel BEC

Abnormal research into an advanced Israel-based threat group puts a spotlight on the continuing rise of BEC attacks.

Israel-Based Threat Group Launches Multi-Phase BEC Attacks Using an M&A Lure

B World Password Day

Happy World Password Day! Learn why good password hygiene is important for every employee and how to reduce the risk of account takeovers.

World Password Day: The Perfect Opportunity for a Security Check-up

B CISO Fireside Chat Recap

Hear what the CISOs at Abnormal Security, Wiz, Rubrik, and Noname Security have to say about the biggest security challenges modern organizations face.

CISO Fireside Chat Recap: Insights from 4 Cybersecurity Leaders

B Protecting Against Collaboration Apps

Discover more about collaboration app attacks and how to protect your organization from this emerging threat.

Beyond the Inbox: Protecting Against Collaboration Apps as an Emerging Attack Vector

B IMD

Celebrate Identity Management Day by learning more about the latest practices, tools, and techniques to keep your data secure.

Identity Management Day: Why It Matters and How to Celebrate

B 36 M

Vendor email compromise is expensive. See how Abnormal protected our customer from a $36 million invoice fraud attack.

Stopping Vendor Email Compromise in Action: How Abnormal Detected a $36M Attack

B Keeping VIP Emails Safe

Learn why executives are popular targets for account takeovers, the consequences of a successful takeover, and how organizations can prevent these attacks.

Keeping VIP Emails Safe: Why Your Executives Are Your Largest Security Concern

B 2022 FBI IC3 Report Blog

Discover the biggest takeaways about business email compromise, pig butchering, and phishing from the 2022 FBI Internet Crime Report.

2022 FBI IC3 Report Shows $2.7 Billion in Losses from Business Email Compromise

B 1500x1500 Cybersecurity Predictions L1 R1

Learn how validating your tools, ensuring ROI, and extracting the optimal benefits from your investment can help protect you from cyberattacks in 2023.

Cybersecurity Predictions for 2023: Thoughts from Abnormal's CISO

B 1500x1500 Modern Email Attacks Webinar Series L4 R2

Our Modern Email Attacks series has wrapped! Here are some of the biggest takeaways from Chris Krebs, Troy Hunt, and Theresa Payton.

Top Highlights and Takeaways from Our Modern Email Attacks Series

B 1500x1500 Distributed Workforce L3 R4

Allowing remote work improves engagement and retention, but it also increases your attack surface. Here’s how to protect your distributed workforce.

Protecting a Distributed Workforce from Cybersecurity Threats

B Account Takeover Blog 08 22 22

Learn how threat actors execute email account takeovers, how they exploit compromised accounts, and what you can do to reduce your risk.

Understanding and Preventing Account Takeover Attacks

B 1500x1500 Email Attack Insights

Join us for a three-part webinar series about the most serious email-based threats, featuring some of the biggest names in cybersecurity.

Email Attack Insights from the Top Names in Cybersecurity

B 07 22 22 Webinar Recap

Credential phishing attacks can lead to loss of revenue, loss of data, and long-term reputational damage. Learn why these attacks are successful and how to block them.

Webinar Recap: Blocking Phishing Attacks Before Employees Bite

Blog mitigate threats cover

Learn about the most common socially-engineered attacks and why these tactics are still so successful—despite a growing awareness from employees.

How to Mitigate Socially-Engineered Attacks

B 04 19 22 What CIS Oneedto Know

The email threat landscape is evolving fast. Discover the new tactics cybercriminals are using and how to reduce your risk of falling victim to these modern email attacks.

The Rise of Social Engineering Success: What CISOs Need to Know

Cover Threat of Phishing Blog 04 12 22

Successful phishing attacks have increased by 34% in the last year, making it the most common email attack. Learn why phishing is so dangerous.

Tackling the Increasing Threat of Phishing

Blog krebs cover

If you’re interested in hearing from the true expert in security, plan to join us for a live-only webinar on Thursday, March 17th at 1:00pm ET.

Krebs on Email Security: Understanding the Attacks That Matter Most

Blog cover data privacy day

January 28th is Data Privacy Day, where individuals and organizations alike can take part in the international effort to safeguard privacy and data.

Data Privacy Day: Why It Matters and How to Celebrate It

Blog holiday scams cover

We've arrived at that time of year—a time for reflection and celebration and spending time with family, and also that time of year where the cyber grinches hope to spoil the holiday fun.

Ho, Ho, Holiday Scams… Tips for Staying Safe This Festive Season

Blog csam tools cover

As we close the books on another Cybersecurity Awareness Month, it’s clear that cybersecurity should be a priority all twelve months—not just one. To do so, security teams should emphasize practical tools (the what) and techniques (the how) to keep the company and employees safe.

Tools and Techniques to Engage Employees in Cybersecurity

Blog hiring cybersecurity leaders

As with every equation, there are always two sides and while it can be easy to blame users when they fall victim to scams and attacks, we also need to examine how we build and staff security teams.

Hiring the Right Information Security Leaders for Your Organization

Demo

Schedule a Demo

B EDU Duo MFA Threat Intel Report Blog

Author Callie Hinman

Callie Baron

Author Piotr Wojtyla

Piotr Wojtyla

A phishing campaign targeting higher education steals credentials and Duo OTPs to compromise accounts, exfiltrate data, and launch lateral attacks.

Attackers Steal Duo OTPs to Compromise Higher Ed Accounts

Defensive AI Meets Cover pptx

Jaroslav Kalfar Photo

Jaroslav Kalfar

As the battle between good AI and malicious AI plays out in cloud email environments, CISOs are turning to behavioral intelligence to keep pace.

Defensive AI Meets the Inbox: The CISO Guide for the AI Arms Race

Product

B 1500x1500 BLOG AI Phishing Coach Product Announcement

E03 C83 N442 J U047 UPX5 KLL 1305a10bd70a 512

Ryan Schwartz

Discover how Abnormal transforms security training with personalized phishing simulations, real-time coaching, and fully autonomous program management.

Introducing AI Phishing Coach: Personalized, Autonomous Security Awareness Training

<p> Subscribe to our newsletter to receive updates on the latest attacks and new trends in the email threat landscape.</p>

.css-bmf3w{font-family:inherit;font-size:15px;font-style:normal;font-weight:400;line-height:24px;}Abnormal Blog.css-7dny4u{-webkit-padding-start:12px;padding-inline-start:12px;-webkit-padding-end:12px;padding-inline-end:12px;display:inline;}/Author/Mike Britton

Mike Britton

Abnormal Blog/Author/Mike Britton