abnormal-security-threats
Install: claude install-skill wyre-technology/msp-claude-plugins
# Abnormal Security Threat Detection & Analysis
## Overview
Abnormal Security uses behavioral AI to detect email threats that bypass traditional secure email gateways (SEGs). Unlike signature- or rule-based detection, Abnormal profiles normal communication patterns and detects deviations indicative of attacks. This skill covers threat types, attack vectors, severity assessment, remediation, and investigation workflows.
## Threat Types
| Type | Description | Severity Range |
|------|-------------|----------------|
| **BEC (Business Email Compromise)** | Impersonation of executives or trusted contacts to request financial actions | High - Critical |
| **Credential Phishing** | Emails designed to harvest credentials via fake login pages | Medium - Critical |
| **Malware** | Emails containing malicious attachments or links to malware downloads | High - Critical |
| **Extortion** | Threatening emails demanding payment (sextortion, DDoS threats) | Medium - High |
| **Social Engineering** | Manipulation attacks using urgency, authority, or trust | Medium - Critical |
| **Spam** | Unsolicited bulk email | Low |
| **Graymail** | Marketing, newsletters, and promotional content | Low |
| **Scam** | Advance-fee fraud, fake invoices, lottery scams | Medium - High |
| **Supply Chain Compromise** | Attacks from compromised vendor or partner email accounts | Critical |
### Detection Approach
| Engine | Description | What It Detects |
|--------|-------------|-----------------|
| **Behavi