Abnormal Blog

Regional analysis of 1,400+ organizations reveals how geography shapes email security risks. See which regions are most vulnerable to VEC vs BEC.

Brand-specific phishing kits are replacing generic templates. Learn how these custom phishing kits enable sophisticated impersonation attacks.

See how a real vendor email compromise attack fooled multiple employees. Learn why VEC succeeds and how AI makes these threats more dangerous.

FluxPanel turns legitimate ecommerce checkouts into live data theft operations. Learn how this dark web tool works, the role phishing plays, and how to stop attacks at their source.

Learn how threat actors used Flask, a popular Python framework, to build a versatile phishing kit for evasive campaigns that bypass traditional defenses.

New research reveals that employees engage with 44% of read vendor email compromise attacks. See which industries and roles are most vulnerable to this threat.

Email bombing turns trusted sources into a smokescreen, flooding inboxes to distract users and hide follow-up threats.

EvilPanel is a new phishing toolkit built on Evilginx that provides a full-featured web interface for launching MFA-bypassing attacks.

With live session hijacking, OTP interception, and dynamic targeting, the ByteDance Live Panel phishing-as-a-service kit gives attackers the upper hand against traditional defenses.

Threat actors used DKIM replay to send Google-branded phishing emails that passed authentication checks. Here’s how the attack worked and why it’s hard to catch.

Learn how XFiles uses fileless malware, Cloudflare Turnstile widgets, and phishing emails to steal login details, cryptocurrency wallets, and access to corporate systems.

Discover how cybercriminals use Atlantis AIO to automate credential stuffing attacks—and how AI-driven security can stop them before accounts are compromised.

Black Basta is a highly active ransomware-as-a-service (RaaS) group that has been linked to dozens of high-profile attacks against organizations worldwide. See how they utilize generative AI to support their campaigns.

Threat actors impersonated Zoom using an AI-generated phishing page to deliver a remote monitoring and management tool.

Cybercriminals are exploiting trusted tools like Canva, Figma, and Lucidchart for phishing. Learn how these attacks work—and how to protect your business.

CryptoGrab, a global cryptocurrency affiliate network, has been defrauding users of millions for more than 5 years using phishing emails and other tactics.

Explore the risks of open redirects and how they enable attackers to circumvent email security.

Explore new research on how AI is amplifying the impact of BEC and VEC attacks and learn how to defend against these evolving email security threats.

Cybercriminals misuse Google services for phishing, ad hijacking, and more. Learn five attack methods and how to protect your accounts.

Threat actors are exploiting Docusign to bypass traditional email security, but Abnormal Security’s AI-powered platform stops these attacks by detecting behavioral anomalies in real time.

A new phishing campaign targeting Microsoft ADFS bypasses MFA with social engineering and technical deception. Learn how attackers take over accounts—and how to stop them.

Cybercriminals use GhostGPT, an uncensored AI chatbot, for malware creation, BEC scams, and more. Learn about the risks and how AI fights back.

Explore how threat actors exploit Punycode in email attacks and learn how AI-driven solutions can protect against these threats.

Learn how attackers use Google Translate's URL redirection for phishing, exploiting Google’s trust to deceive users and bypass security.