Abnormal Blog

In this attack, attackers impersonate a company's Human Resources department and send a COVID-19 scan via a lookalike Microsoft Office 365 email. The original message to the recipient appears to originate from the company’s internal human resources email address.

When attempting to gain credentials to a Google account, the best brand to impersonate is likely Google. In this account, threat actors sent an urgent account message to trick recipients into inputting their Google credentials, hoping to trick...

In a recent attack uncovered by Abnormal Security, the attacker impersonates LinkedIn to send a malicious attachment that could lead to identity theft. Once the attachment is opened, the victim is asked to put in personal identifying information, including their social security number.

Gift card fraud has been a staple of cybercriminals for years. Converting gift cards into cash is quick and easy, and attackers are rarely pursued for conducting these scams. Once the attacker has the gift cards, they can use them to purchase items or sell them at a discounted...

PayPal is a well-known money transfer application, used often between friends and family as well as for small businesses. Because PayPal accounts are often linked to credit cards and bank accounts, the company itself is a commonly impersonated brand from attackers...

Because they contain the keys to the financial kingdom and allow attackers direct access to money, banks tend to be some of the most impersonated organizations. In this attack, attackers mimic an automated notification from BB&T in order to steal recipients' online banking...