Skip to content

Abnormal Security Raises $210 Million in Series C Funding Round

Email security company Abnormal Security Corp. has raised $210 million in a Series C funding round led by Insight Partners.

Based in San Francisco, Abnormal uses machine learning and other forms of artificial intelligence to detect potential cyberattacks launched through cloud-based email systems such as Microsoft Corp.’s

Office 365 or Alphabet Inc.’s

Gmail. These include targeted and social-engineering attacks and business email compromise attempts. They also include supply-chain infiltrations, where hacker emails might not include typical nefarious elements, such as malware attachments or malicious links.

The company’s funding round also saw participation from venture capital investors Greylock Partners and Menlo Ventures.

Chief Executive Evan Reiser, who ran Twitter Inc.’s

targeted advertising unit before starting Abnormal four years ago, said it applies behavioral data science techniques to build profiles of users. Anomalous activity, such as emailing through a personal account, changes in tone or language, and other factors are analyzed to determine whether, for instance, a request to quickly pay an invoice to a vendor, could be a fraud attempt. Suspicious activity is flagged for further investigation.

“The real challenge customers have is stopping an attack that no one has seen before. To do that, obviously, you can’t use your knowledge of prior bad stuff, so it requires a fundamentally different approach and that was the insight that caused us to take what we built in the ad world and move that into cybersecurity,” Mr Reiser said.

Abnormal’s funding round, which brings the company’s valuation to around $4 billion, will primarily be used to further develop the company’s technology, Mr. Reiser said. It will also fuel international expansion, particularly into regions that require a local presence because of data-residency and sovereignty laws.

The funding comes as cybercrime involving email reaches all-time highs. The Federal Bureau of Investigation said that business email compromise accounted for around $43 billion in company losses between 2016 and 2021, a number that experts say is likely to be conservative because of underreporting of incidents.

Cyberattacks such as ransomware and other malware use email as an entry point for wider access to company systems, often relying on bulk phishing attempts to get users to click on links or open payloads. Security chiefs, however, say they have seen an uptick in more sophisticated attack attempts in recent years, which are often tailored to the target and can be difficult to identify as fraudulent.

“Any traditional email security gateway can detect spam, phishing and all those things, but we started seeing very low volume, but extremely high-risk attacks coming through,” said Gopal Padinjaruveetil, chief information security officer at automotive insurer Auto Club Group-AAA . “These were specifically targeted attacks for financial crime,” he said.

The rise in these attacks coincided with work-from-home orders as a result of the coronavirus pandemic, Mr. Padinjaruveetil said, creating widespread vulnerabilities as stressed and distracted employees sometimes struggled to maintain security awareness.

“They just need one person to click on that link and download the malware, and then everything can go sideways,” he said. Auto Club Group deployed Abnormal as an extra line of defense in its email security program, operating alongside built-in security from its email provider and an additional security vendor acting as a gateway.

Jorel Van Os, CISO at insurance broker Acrisure LLC, said that the application of Abnormal’s artificial intelligence allows him to not only detect attacks that would otherwise pass by traditional email security platforms, but also examine the hundreds of data points that are analyzed to reach a decision that an email is suspicious.

Such features used to be nice to have, but increasingly, commercial pressures are forcing companies to demonstrate that they are going beyond basic email protections. Insurance carriers, for instance, are now asking what potential insureds are doing in addition to the basic protections they receive from Microsoft and Google, Mr. Van Os said.

“Cybersecurity liability insurance applications have changed dramatically because there’s been so many losses in the last few years from those. So you’re seeing that evolve very, very quickly,” he said.

Write to James Rundle at

Copyright ©2022 Dow Jones & Company, Inc. All Rights Reserved. 87990cbe856818d5eddac44c7b1cdeb8


Leave a Reply

Your email address will not be published.