January 22, 2021

Category: Abnormal Security

Abnormal Security

Ebay Gift Card Invoice Attack

In this attack, attackers utilize a lookalike domain to impersonate Ebay in an attempt to trick users into sending over payment in gift cards. Quick Summary of Attack Target Payload: The payload for this attack is neither a link nor a malware attachment. Like most gift card fraud, it’s entirely text based – the body […]

Read More
Abnormal Security

What’s New: Week of Jan 11-15 – Improved Malicious Spoof Model and Location Risk Model for Account Takeovers

Improved Malicious Spoof Model – Abnormal has improved its ability to detect internal spoof messages with a forged sender address. This model catches an order of magnitude more internal spoofs than previous models. Customers benefit from improved detection of catching these types of attacks. Improved Location Risk Model for Account Takeovers – Abnormal has improved […]

Read More
Scaling in a High-Growth Environment
Abnormal Security

Scaling in a High-Growth Environment

At Abnormal, the problems we are trying to solve are not that much different than those being tackled by other organizations, including non-startups. What is unique to startups are the additional constraints placed on the solution space, such as the amount of time/money/engineers that can be thrown at a problem. In this series, we will […]

Read More
Abnormal Security

Spoofed PayPal Phishing Attack

In this attack, attackers use a method known as spoofing to impersonate PayPal, leading recipients to a phishing page. Quick Summary of Attack Target Platform: Office 365Mailboxes: More than 10,000Bypassed Email Security: IronportVictims: EmployeesPayload: Malicious LinkTechnique: Spoof What was the attack? Setup: Because PayPal accounts are linked to credit cards and bank accounts, PayPal itself is a […]

Read More
Abnormal Security

What’s New: Week of Jan 4-8 2021 – Improved G Suite Support and Splunk Integration

Improved G Suite Support Abnormal created the following improvements to G Suite tenants: Improved ability to remediate mass mailing-list campaigns  Improved G Suite onboarding support to reduce time to POV integration Customers benefit from lowered risk for mailing-list type of attack campaigns from residing in their email environment. New Abnormal customers also benefit from reduced […]

Read More
BB&T Bank Impersonation Phishing
Abnormal Security

BB&T Bank Impersonation Phishing

In this attack, attackers impersonate an automated notification from a well-known bank in order to steal recipients’ online banking login credentials. Quick Summary of Attack Target Platform: Office 365Mailboxes: 5,000 – 50,000Bypassed Email Security: Office 365Victims: EmployeesPayload: Malicious LinkTechnique: Impersonation What was the attack? Setup: Cybercriminals are increasing their efforts in an especially vulnerable time to access […]

Read More
Abnormal Security

What’s New: Week of Dec 21-25 2020 – Improved Customer Report Portal and Inbound Attack Detection

Customer Report Portal Improvements – Abnormal now sends automated email notifications when resolving a potential missed attack reported by the customer.  Additionally, the Customer Report Portal now supports false positive analysis in addition to missed attack analysis. Every message manually moved back to the user’s inbox will receive an in depth analysis. This analysis will […]

Read More
USPS Credential Phishing
Abnormal Security

USPS Credential Phishing

In this attack, attackers impersonate a USPS package tracking page to steal credit card credentials. Quick Summary of Attack Target Platform: Office 365Mailboxes: 15,000 – 50,000Bypassed Email Security: IronPointVictims: EmployeesPayload: Malicious LinkTechnique: Impersonation What was the attack? Setup: With holiday delivery deadlines quickly approaching and online orders continuing to pour in, courier services are facing increasing pressure […]

Read More
Abnormal Security

What’s New: Week of Dec 14-18 2020 – Improved Abuse Mailbox

Improved Abuse Mailbox – We’ve updated Abuse Mailbox to include new reporting features and functionality. In the Dashboard, there is a new Abuse Mailbox tab where customers can see charts and graphs with configurable time periods for various metrics such as Phishing Emails Reported and Reporting Trends. These reports are also downloadable via PDF.  New […]

Read More