Abnormal Security Protects Famous Retail Brands Like One Kings Lane and Z Gallerie From Costly Invoice Fraud From Compromised Vendors

• 网络安全和隐私 - 身份认证管理
• 网络安全和隐私 - 网络安全
• 网络安全和隐私 - 安全合规

• 零售

• 商业运营
• 采购

• 欺诈识别

• 网络安全服务
• 系统集成

In the world of retail, the sheer volume of suppliers and invoices processed on a daily basis is central to business operations. For CSC Generation, this challenge is amplified by their aggressive corporate growth strategy. As organizations like CSC Generation move their business to the cloud, their infrastructure transforms, and so do the attacks. According to the most recent 2020 FBI IC3 Report, the number one threat facing organizations are socially-engineered email attacks from compromised vendors. These novel threats evade traditional defenses and require a new approach to stop them. When it comes to pinpointing where the weak link lies, the culprit is often third-party vendors with lax security controls. If their credentials are phished, the results are dangerous to their own organization and partners. To add to the frustration, it’s common for organizations like CSC Generation to have a robust security stack and internal protocols in place to stop traditional attacks. However, even the best-laid plans can still fall short. Despite all of their security checks, CSC Generation was still defrauded out of a significant sum of money through a compromised vendor account.

CSC Generation is a holding company for famous retail brands such as DirectBuy, One Kings Lane, Z Gallerie, and Sur La Table. Their mission is to save retail by leveraging proprietary technology and operating expertise. CSC Generation has thousands of third-party vendors and employs a robust security stack and internal protocols to protect against fraud. Despite their proactive approach to security, they faced a significant challenge with invoice fraud from compromised vendors. The company takes security seriously, with all employees using two-factor authentication and VPNs for log-ins. However, they realized that their security is only as strong as their vendors' security, prompting them to seek a more advanced solution.

CSC Generation turned to Abnormal Security for a solution to their vendor security issues. Abnormal Security uses an API-driven approach that leverages behavioral data science to profile and baseline good behavior to detect anomalies and stop attacks. This cloud-native email security platform can be deployed instantly through a one-click API integration and can extend and complement existing secure email gateways. Abnormal Security's approach is based on three pillars of technology: identity modeling, behavioral and relationship graphs, and deep content analysis. These pillars help profile the known good of an organization and use it to detect and stop abnormal behavior, thereby preventing a broad range of attacks. CSC Generation was able to get up and running with Abnormal Security in just one day, thanks to the one-click API installation. The solution provided them with the confidence that it was the best on the market for stopping vendor attacks.

• CSC Generation realized that their security is tied to their partner ecosystem, prompting a wake-up call to improve vendor security.
• Abnormal Security's API-driven approach allowed CSC Generation to detect and stop vendor attacks that evaded traditional defenses.
• The one-click API integration enabled CSC Generation to deploy Abnormal Security's solution quickly and efficiently.

• CSC Generation was defrauded out of $100,000 due to a compromised vendor account before implementing Abnormal Security.