unphish
unphish unphish

unphish Announces Strategic Partnership with Abnormal AI

unphish Announces Strategic Partnership with Abnormal

The partnership combines unphish’s external threat detection and takedown capabilities with Abnormal’s behavioural AI platform, creating coordinated protection from the open internet to the corporate inbox. 

Overview

unphish, the AI-powered phishing detection and takedown platform, today announced a strategic capability partnership with Abnormal AI, the leader in behavioural AI. The partnership marks a major milestone for unphish’s capability alliances and represents a significant step in the company’s mission to deliver comprehensive, layered protection against the modern phishing threat. 

As phishing attacks grow more sophisticated and AI-generated, the traditional model of single-layer defence is no longer sufficient. Attackers now orchestrate campaigns across multiple surfaces simultaneously – registering lookalike domains, deploying fake login pages, creating impersonation accounts on social media, and placing fraudulent advertisements – before pivoting to targeted email campaigns against employees. No single product can address this breadth of exposure alone. 

The unphish-Abnormal AI partnership directly addresses this gap by uniting two complementary layers of protection into a coordinated defence: external threat removal and inbound email security. 

Why we chose Abnormal

The decision to partner with Abnormal was deliberate and grounded in a shared philosophy about how modern phishing defence must work. 

Abnormal AI is the only platform that builds a per-identity behavioural model for every user and vendor – using tens of thousands of signals to understand what “normal” looks like within each organisation. Unlike legacy secure email gateways (SEGs), which rely on static rules and known threat signatures, Abnormal detects threats by identifying deviations from normal behaviour. This approach allows Abnormal to detect attacks that traditional tools miss: business email compromise crafted without malicious links or attachments, AI-generated impersonation attempts, compromised internal accounts sending lateral phishing, and supplier fraud embedded in trusted email threads. 

Abnormal AI is a recognised Leader in the Gartner Magic Quadrant for Email Security Platforms and holds a 99% customer ‘Would Recommend’ rating on Gartner Peer Insights. It deploys in minutes via a native API integration with Microsoft 365 and Google Workspace with no MX record changes, no disruption, no ongoing administrative overhead. 

For us at unphish, the choice was clear: Abnormal is not just a strong email security product. It represents a fundamentally different architecture built for modern, AI-driven threats. Partnering with the best meant partnering with Abnormal. 

Capability Synergies: How the Platforms Complement Each Other

The two platforms operate at different points in the attack lifecycle, and together they address the complete phishing kill chain. 

unphish: Neutralising Threats in the Wild

unphish operates externally – on the open internet, where phishing campaigns are constructed. The platform continuously monitors domains, web content, social media platforms, mobile app stores, and digital advertising networks for signs of brand impersonation, fake login pages, fraudulent stores, and phishing infrastructure. When threats are detected, unphish's AI-powered enforcement engine automatically generates platform-specific takedown requests and pursues removal through registrars, hosting providers, social networks, and advertising platforms.

unphish is used by enterprises across banking, retail, aviation, e-commerce, technology, and education – sectors where brand trust is a material asset and phishing-related fraud causes direct financial harm to customers.

Abnormal: Protecting the Internal Environment

Abnormal protects against inbound email threats by identifying what is abnormal for each user, vendor, and interaction. Once an attacker pivots from infrastructure deployment to targeting employees directly, Abnormal’s behavioural AI is the last line of defence. By analysing behavioural signals across email, identity, and cloud environments, Abnormal detects and blocks the full spectrum of advanced email threats: phishing, spear-phishing, business email compromise, invoice fraud, account takeover, lateral phishing from compromised internal accounts, and AI-generated impersonation. It also extends protection beyond the inbox to cover SaaS application account takeovers, Microsoft 365 security posture misconfigurations, and messaging platforms including Slack, Teams, and Zoom.

Abnormal reduces security team operational overhead by up to 95% through full automation of phishing triage, abuse mailbox management, and incident remediation – allowing security teams to focus on higher-order threats.

Together: Closing the Loop

The combination means organisations benefit from:

  • AI defence outside the inbox: Detection and removal of phishing infrastructure and AI generated attacks before they reaches employees – domains, fake pages, social accounts, malicious ads, and more neutralised at source.
  • AI defence inside the inbox that stops sophisticated attacks that bypass traditional email security – including attacks generated with AI tools that produce flawless, contextually accurate phishing.
  • Reduced dwell time across both the external attack surface and the internal email environment.
  • A coordinated intelligence posture – external threat signals from unphish informing awareness of active campaigns targeting a customer's brand, alongside Abnormal's deep internal behavioural context.

The Bigger Picture: Why Layered Phishing Defence Is Now Essential

The threat landscape has changed materially. The accessibility of generative AI has lowered the barrier to producing convincing phishing content to near zero. Attackers can now generate hyper-personalised emails, realistic lookalike websites, and credible impersonation content at machine scale. Traditional defences – spam filters, static blocklists, awareness training alone – are no longer sufficient against adversaries operating at this level of sophistication. 

Security leaders increasingly recognise that phishing is not an email problem. It is a multi-surface problem that begins long before a message arrives in an inbox. The domain is registered, the fake site is live, the social media account is posting – all before the first phishing email is sent. By the time traditional email security tools encounter the attack, the infrastructure is already operational and the attacker has momentum. 

unphish and Abnormal AI together shift the defensive posture earlier in the kill chain. unphish intercepts campaigns at the infrastructure layer disrupting the attacker’s ability to operate before employees are targeted. Abnormal AI ensures that what does reach the employee is stopped with precision and without false positives that erode user trust in security tooling. 

This is what modern, intelligence-led threat protection looks like: not a single product, but a coordinated set of capabilities that operate across the attack surface in concert. 

About unphish

Protect Your Brand with unphish

unphish is a threat detection and disruption platform built to identify and take down phishingscams, and digital impersonation at scale. We combine intelligence-led detection with automated enforcement to help organisations protect their brand, customers, and digital ecosystem.

See unphish in Action

Detect, Validate, and Take Down Threats Automatically

unphish combines intelligence-led detection with automated enforcement so you can protect your brand, customers, and digital ecosystem without the manual effort.

Create your account