Information Technology Abnormal Security - Protecting Your Inbox

Overwhelmed by scrutinizing your email only to find you don’t need it, don’t want it, and don’t know if you should click, reply, or open attachments? Abnormal Security automatically detects and removes email-borne threats from your inbox so you won’t have to deal with them. 

The following provides additional detail and common questions that are asked about Abnormal Security.  If you have other questions, please contact AskIT so we can address them.  We will add them to this FAQ because others in our community may have the same question.  

What is Abnormal Security?

Abnormal Security is a new tool that uses machine learning capabilities to identify and remediate email-borne attacks which is our most common threat vector. 

Why are we using Abnormal Security?

On average, the college receives more than 14 phishing attacks per day affecting many of our community members.  These clutter our inboxes and require us all to spend extra effort to make sure messages are legitimate - distracting us from our work and our studies.

This tool provides a sandbox where we can safely explore attachments and links to better understand the threats without risking College systems.

With Abnormal Security, we are also able to detect unusual login activity, mail rule filter changes, changes in email content and tone, and unusual recipients that indicate account compromise - giving us a quicker response to protect you and the College from damage and data breaches.

How does Abnormal Security impact me?

Abnormal Security automatically detects dangerous and suspicious messages and removes them from your inbox.  

You still need to be mindful of email-borne threats, but the number of malicious messages you receive will be dramatically reduced.

An email message appeared and disappeared from my inbox without me doing anything - should I be concerned?

Abnormal Security processes messages in a sandbox after the message arrives in our email environment.  This can lead to messages being delivered and then remediated if they are found to pose a threat.  This happens in milliseconds but if you are watching your inbox like a hawk, you may see the message appear then disappear - almost in the flicker of an eye.  This is normal, but if you are concerned, please contact AskIT so we can confirm that the removal was part of the security tool and not something else.  

An email message I was expected to receive has not arrived and I do not see it in my SPAM folder - what should I do?

Please open an AskIT ticket so we can confirm if the message arrived and if there were any concerns with the message content.  Sometimes the tool could make mistakes and incorrectly identify a given message as a threat.  If this happens, AskIT can recover the message and report the issue to our security partner to help the tool learn about the situation.

What should I do if I find a suspicious email in my inbox?

Please forward the email to phishing@amherst.edu so we can assess and help improve the tool.