Abnormal Blog

At the core of all Abnormal’s detection products sits a sophisticated web of prediction models. For any of these models to function, we need deep and thoughtfully engineered features, careful modeling of sub-problems, and the ability to join data from a set of databases. For example, one type of email attack...

In a recent attack uncovered by Abnormal Security, the attacker impersonates LinkedIn to send a malicious attachment that could lead to identity theft. Once the attachment is opened, the victim is asked to put in personal identifying information, including their social security number.

Abnormal Security recently detected two new types of attacks where scammers are targeting victims by redirecting their own Microsoft 365 out-of-office replies as well as read receipts back to them. These tactics indicate attackers are using every available tool and loophole...

Gift card fraud has been a staple of cybercriminals for years. Converting gift cards into cash is quick and easy, and attackers are rarely pursued for conducting these scams. Once the attacker has the gift cards, they can use them to purchase items or sell them at a discounted...

At Abnormal, the problems we are trying to solve are not that much different from those being tackled by other organizations, including large enterprises. What is unique to startups are the additional constraints placed on the solution space, such as the amount...

PayPal is a well-known money transfer application, used often between friends and family as well as for small businesses. Because PayPal accounts are often linked to credit cards and bank accounts, the company itself is a commonly impersonated brand from attackers...

Because they contain the keys to the financial kingdom and allow attackers direct access to money, banks tend to be some of the most impersonated organizations. In this attack, attackers mimic an automated notification from BB&T in order to steal recipients' online banking...

On October 21st, 2020, just two weeks before the US general election, many voters in Florida received threatening emails purportedly from the “Proud Boys." These attacks often included some personal information like an address or phone number, threatened violence...

At Abnormal Security, one of our key objectives is to build a detection engine that can continuously adapt to a changing attack landscape. As such, we want to ensure that our systems can rapidly adjust to recent and high-value messages—even with...

When we founded Abnormal Security more than two and a half years ago, we met with 50 top CIOs and CISOs who told us two things: they needed a solution to stop a novel set of cyberattacks that increasingly bypassed legacy email security solutions, and they needed it...

Sophisticated social engineering email attacks are on the rise and getting more advanced every day. They prey on the trust we put in our business tools and social networks, especially when a message appears to be from someone on our contact list, or even...

When Abnormal Security was founded, our engineering and data science teams were focused on solving the toughest—and most expensive—email security problem for enterprises: business email compromise, or BEC. Fast-forward to today and Abnormal serves some of the largest enterprises...

Abnormal Security has detected an increase in business email compromise (BEC) attacks that successfully compromise email accounts, despite multi-factor authentication (MFA) and Conditional Access. While MFA and modern authentication protocols...