Every signature-based rule carries a hidden assumption: that the attack will look roughly the same the next time it shows up. Catalog the known-bad — the malicious domain, the payload hash, the phrasing — and you catch the next instance. That assumption held for years.
It doesn't hold against attacks a model writes on the fly.
The Problem With Cataloging Known-Bad
An AI-generated phishing attack can rewrite itself for every target. New sender infrastructure, new phrasing, no reused payload. There's nothing stable to fingerprint. By the time a rule exists for one variant, the next thousand have already mutated past it. Defenders end up cataloging history while attackers generate the future.
Abnormal builds detection on a different premise. Instead of asking whether we've seen this exact bad thing before, Abnormal baselines what normal looks like for every identity: how a person writes, who they email, which systems they touch, when. An attack doesn't need a known signature to get caught. It just needs to deviate from a baseline that took months to establish and seconds to violate.
Fusing the Signals
The deviation rarely shows up in one place. A login that's plausible on its own. A tone that's slightly off. A request that breaks a relationship pattern. Each is ambiguous alone. Fused together, they're decisive. Abnormal scores the combination, not any single artifact, which is why it holds up against attacks that have never appeared before and never will again.
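To make the baseline-and-fusion idea in the two paragraphs above concrete, here is an added example (not Abnormal's code, and not the company's actual scoring model): one sender's history is reduced to three per-identity features (send hour, recipient set, urgency wording), each new message yields a deviation per feature, and the deviations are fused with a noisy-OR so that any one saturated signal stays below the alert threshold while all three together cross it. The history, the urgency word list and the weights are all constructed for illustration.

```python
import re
from dataclasses import dataclass
from statistics import mean, pstdev

URGENCY = {"urgent", "immediately", "asap", "wire", "today"}  # constructed, crude tone feature
WEIGHTS = {"timing": 0.5, "relationship": 0.6, "tone": 0.6}   # max contribution per signal
THRESHOLD = 0.8  # a single saturated signal (at most 0.6) can never cross this alone

@dataclass(frozen=True)
class Message:
    hour: int        # local send hour, 0-23
    recipient: str
    body: str

@dataclass(frozen=True)
class Baseline:
    mean_hour: float
    std_hour: float
    recipients: frozenset
    urgency_rate: float  # mean urgency words per historical message

def urgency_count(body: str) -> int:
    return sum(w in URGENCY for w in re.findall(r"[a-z]+", body.lower()))

def build_baseline(history: list) -> Baseline:
    hours = [m.hour for m in history]
    return Baseline(mean(hours), max(pstdev(hours), 1.0),  # std floor: never over-confident
                    frozenset(m.recipient for m in history),
                    mean(urgency_count(m.body) for m in history))

def signals(m: Message, b: Baseline) -> dict:
    """Each signal is a deviation in [0, 1]; each is ambiguous on its own."""
    z = abs(m.hour - b.mean_hour) / b.std_hour
    return {"timing": min(z / 3.0, 1.0),  # saturates at three standard deviations
            "relationship": 0.0 if m.recipient in b.recipients else 1.0,
            "tone": min(max(urgency_count(m.body) - b.urgency_rate, 0.0) / 2.0, 1.0)}

def fused_score(sig: dict) -> float:
    """Noisy-OR: 1 - prod(1 - w_i * s_i). Weak, independent deviations compound."""
    p_benign = 1.0
    for name, s in sig.items():
        p_benign *= 1.0 - WEIGHTS[name] * s
    return 1.0 - p_benign

def is_anomalous(m: Message, b: Baseline) -> bool:
    return fused_score(signals(m, b)) >= THRESHOLD

# Constructed history for one sender: business hours, two regular recipients, calm tone.
HISTORY = [Message(h, r, t) for h, r, t in [
    (9, "bob@corp.example", "Notes from standup attached."), (10, "carol@corp.example", "Can you review the draft?"),
    (11, "bob@corp.example", "Please send the draft today."), (14, "carol@corp.example", "Thanks, looks good."),
    (15, "bob@corp.example", "Rescheduling to Thursday."), (16, "carol@corp.example", "Minutes are in the shared folder.")]]
BASELINE = build_baseline(HISTORY)
```

A 3 a.m. message to a known colleague scores 0.5 and a daytime message to an unknown address scores about 0.66, both under the threshold; the 3 a.m. message to an unknown address asking for an urgent wire scores 0.92.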
The shape of "bad" keeps changing. The shape of "normal" is what we model, and that's a far harder thing for an attacker to fake.
