Abnormal Security News

Abnormal Security Highlights The Case Of University Students Targeted By Credential Phishing Attack

With school starting this month, cybercriminals are back in action, targeting university students in an attempt to steal valuable personal information. In a recent attack, uncovered by Abnormal Security, a credential phishing attacker used a legitimate email account and created false urgency, in order to steal student credentials, through a phishing website. Credential phishing attack In this attack, cybercriminals used the real university email of a person on the ‘Student Services Team&...

Abnormal Security Appoints Anita Grantham As The Chief People Officer To Expand Their Business Worldwide

Abnormal Security, the provider of the cloud-native email security platform that leverages behavioral data science to stop modern email attacks, announces the appointment of Anita Grantham as Chief People Officer. Grantham leads all aspects of Abnormal’s talent and culture strategy, including employee experience, recruiting, rewards, retention, and career development. Abnormal protects 100% of the employees at 5% of the Fortune 500. Grantham enables Abnormal to continue expanding worldwid...

Abnormal Security New Threat Research Report Reveals High-Profile Socially-Engineered Email Attacks Drive Record-High Employee Engagement & Fraud

On March 17, the FBI released its seminal annual Internet Crime Report. Once again, socially-engineered attacks (including business email compromise, spoofing, and phishing) by far were the number one cybercrime by financial loss, accounting for $2.1 billion of the $4.2 billion in losses to U.S. businesses and consumers. These attacks utilize impersonations to get companies to transfer money to fraudulent accounts and pose significantly more financial danger to an organization than well-known ta...

Abnormal Security Offers Key Inputs On How To Stop Zero-Day Phishing Attacks, Such As The USAID Attack

The threat actor behind the SolarWinds attack, the Russian-based Nobelium, has orchestrated another successful vendor email compromise attack, this time targeting the United States Agency for International Development (USAID). According to the Microsoft Threat Intelligence Center (MSTIC), Nobelium compromised the USAID’s Constant Contact account, so as to send phishing emails that included links containing malware. Zero-day phishing attacks The incident highlights how zero-day, never-se...

Abnormal Security Highlights The Key Points About The RFQ Attack Scam And How To Counter Such Cyber-Threats

In the RFQ cyber-attack, attackers disguise harmful malware as a ‘Request For Quote’ (RFQ), in order to encourage recipients to download dangerous files. This attack is an impersonation of a ‘Request For Quote’ (RFQ) from a legitimate, outside organization. The attack originates from the throwaway address - info@req-allparts.com, with the reply-to address - glennmauldin@zidnei.com. RFQ attack By using urgent language, the attacker attempts to coax the recipient to click...

Abnormal Security Detects Attacks Due To IRS Impersonation

IRS email impersonations are widespread across all industries. These attacks vary in scale and victim, targeting both individuals and companies as a whole. This particular attack follows the growing trend of utilizing social engineering strategies for malicious engagement, allowing attackers to easily bypass email security solutions that focus on link or attachment-based threat vectors. Summary of attack Platform: Office 365 Mailboxes:5K-50K Bypassed Email Security: Office 365 V...

PPP Extended Coverage Phishing Attack Detected By Abnormal Security

In this attack, attackers impersonate a message from the United States government, claiming to provide information on the Paycheck Protection Program in an attempt to steal valuable credentials. Summary of the attack target Platform: Office 365 Mailboxes: Less than 10,000 Bypassed Email Gateway: Proofpoint Victims: Employees Payload: Link Technique: Impersonation What was the attack? 1) Setup: Fraudulent actors continue to capitalize on the ongoing pandemic by intercepting...

Abnormal Security Highlights The Key Pointers Of ‘LinkedIn Identity Theft’ Attack Scam

In the ‘LinkedIn Identity Theft’ attack, the attacker impersonates a policy change notification from the company, LinkedIn, in order to steal highly confidential information, such as the victim’s social security number. ‘LinkedIn Identity Theft’ attack Cybercriminals constantly search for unique social engineering tactics, in order to dupe their victims. However, in this type of cyber-attack, attackers rely on the reputability and trust bestowed in social media an...

Abnormal Security Assists In Detecting IRS Impersonation Payment Fraud

In this attack, scammers impersonate the IRS to collect a fraudulent payment from their target. Summary of the attack target Platform: Office 365 Bypassed Email Gateway: Proofpoint Mailboxes: 50,000 to 70,000 Payload: Text Technique: Spoofing / Impersonation What was the attack? 1)Setup: The IRS has long been a popular target for impersonation by attackers. This email highlights a more sophisticated IRS impersonation, where a targeted attack is sent from a spoofed sender domain...

Abnormal Security Highlights Recent Russian-Based Ransomware Attack Using Malware Targeting U.S. Industries

This week, Abnormal Security researchers have been tracking recent well-disguised attacks from a Russian criminal enterprise, which are using the Emotet Trojan to drop Ryuk ransomware and BazarLoader for financial gain. Ryuk ransomware attack The Federal Bureau of Investigation (FBI) and the Department of Homeland Security (DHS) issued a warning of an impending attack, using Ryuk ransomware, earlier this week, noting that healthcare and the public sector are the intended targets. Abnormal Sec...

Abnormal Security Helps In Identifying And Detecting Social Media Attacks

Abnormal Security has observed attackers impersonating social media platforms like Instagram, Facebook, and Twitter to steal the login credentials of employee’s major enterprise organizations. In the past two months, it has seen a 60% increase for several organizations with key social media presences. What are the attacks? These attacks impersonate popular social media platforms to deliver phishing emails to influential users of each platform by impersonating Instagram, Facebook, and Twi...