Case Studies Account Update / Invoice Fraud Attack

Edit This Case Study Record

	Account Update / Invoice Fraud Attack

Account Update / Invoice Fraud Attack

Technology Category	Analytics & Modeling - Natural Language Processing (NLP) Cybersecurity & Privacy - Identity & Authentication Management Cybersecurity & Privacy - Network Security
Applicable Industries	Telecommunications
Applicable Functions	Business Operation
Use Cases	Fraud Detection
Services	Cloud Planning, Design & Implementation Services Cybersecurity Services System Integration
Challenge	The telecommunications company (TCC) faced a sophisticated invoice fraud attack where an attacker impersonated a legitimate vendor to redirect a payment of over $700,000 to the attacker's account. The attacker used domain impersonation and engaged multiple employees over two months to build credibility and execute the attack. Read More
About Customer	The customer in this case study is a telecommunications company referred to as TCC. Telecommunications companies are critical infrastructure providers that offer a range of services including internet, phone, and television to both consumers and businesses. These companies often handle large volumes of financial transactions and sensitive customer data, making them prime targets for sophisticated cyber-attacks. TCC, like many other companies in this sector, relies on a network of vendors and partners to maintain and expand its services. The company employs a large workforce and has multiple departments that handle various aspects of its operations, from technical support to financial management. Given the scale and complexity of its operations, TCC requires robust security measures to protect against various types of cyber threats, including Business Email Compromise (BEC) attacks. Read More
Solution	Abnormal Security detected and stopped the attempted invoice fraud using its Abnormal Behavior Technology (ABX). ABX combines the Abnormal Identity Model, Abnormal Relationship Graph, and Abnormal Content Analysis to detect and prevent such attacks. Specific techniques used include domain impersonation detection, natural language processing for text analysis, and vendor relationship detection. The solution was implemented in passive mode, allowing for a comprehensive view of the attack lifecycle without impacting email flow. Abnormal Security's platform integrates seamlessly with Office 365 and G Suite, requiring no configuration and minimal setup time. Read More Log in to view content
Contents

Technology Category

Analytics & Modeling - Natural Language Processing (NLP)

Cybersecurity & Privacy - Identity & Authentication Management

Cybersecurity & Privacy - Network Security

Applicable Industries

Telecommunications

Applicable Functions

Business Operation

Use Cases

Fraud Detection

Services

Cloud Planning, Design & Implementation Services

Cybersecurity Services

System Integration

Challenge

The telecommunications company (TCC) faced a sophisticated invoice fraud attack where an attacker impersonated a legitimate vendor to redirect a payment of over $700,000 to the attacker's account. The attacker used domain impersonation and engaged multiple employees over two months to build credibility and execute the attack.

About Customer

The customer in this case study is a telecommunications company referred to as TCC. Telecommunications companies are critical infrastructure providers that offer a range of services including internet, phone, and television to both consumers and businesses. These companies often handle large volumes of financial transactions and sensitive customer data, making them prime targets for sophisticated cyber-attacks. TCC, like many other companies in this sector, relies on a network of vendors and partners to maintain and expand its services. The company employs a large workforce and has multiple departments that handle various aspects of its operations, from technical support to financial management. Given the scale and complexity of its operations, TCC requires robust security measures to protect against various types of cyber threats, including Business Email Compromise (BEC) attacks.

Solution

Abnormal Security detected and stopped the attempted invoice fraud using its Abnormal Behavior Technology (ABX). ABX combines the Abnormal Identity Model, Abnormal Relationship Graph, and Abnormal Content Analysis to detect and prevent such attacks. Specific techniques used include domain impersonation detection, natural language processing for text analysis, and vendor relationship detection. The solution was implemented in passive mode, allowing for a comprehensive view of the attack lifecycle without impacting email flow. Abnormal Security's platform integrates seamlessly with Office 365 and G Suite, requiring no configuration and minimal setup time.

Impact #1	Abnormal Security's platform detected the domain impersonation early, raising suspicion and preventing the fraudulent payment.
Impact #2	The use of Abnormal Behavior Technology (ABX) allowed for high-confidence decisions, ensuring that legitimate transactions were not disrupted.
Impact #3	The platform's natural language processing capabilities helped in understanding the context and sentiment of the emails, aiding in the detection of the fraud attempt.

Impact #1

Abnormal Security's platform detected the domain impersonation early, raising suspicion and preventing the fraudulent payment.

Impact #2

The use of Abnormal Behavior Technology (ABX) allowed for high-confidence decisions, ensuring that legitimate transactions were not disrupted.

Impact #3

The platform's natural language processing capabilities helped in understanding the context and sentiment of the emails, aiding in the detection of the fraud attempt.

Benefit #1	Prevented a financial loss of over $700,000.
Benefit #2	Detected the attack within a 9-week period, minimizing potential damage.
Benefit #3	Enabled quick deployment with one-click integration, reducing setup time.

Benefit #1

Prevented a financial loss of over $700,000.

Benefit #2

Detected the attack within a 9-week period, minimizing potential damage.

Benefit #3

Enabled quick deployment with one-click integration, reducing setup time.

Download PDF Version

Overview

Account Update / Invoice Fraud Attack

Operational Impact

Quantitative Benefit