Case Study: Valvoline stops evolving email threats and saves $600K with Abnormal AI

Valvoline Inc. Replaces SEG with Autonomous AI to Stop Evolving Threats

Valvoline, a Fortune 1000 automotive services company with 1,900+ Instant Oil Change locations and 9,100+ protected mailboxes, was battling sophisticated email threats—spear phishing and costly invoice fraud—that bypassed its SEG, Microsoft 365 native controls, and an API-based solution. To reduce reliance on employees for threat detection and free up SOC resources, Valvoline turned to Abnormal AI and deployed its Inbound Email Security, Account Takeover Protection, AI Security Mailbox, and Email Productivity tools.

Abnormal AI baselined Valvoline’s human behavior to automatically identify and stop malicious emails and account takeovers, triaging user reports via the AI Security Mailbox and integrating with Valvoline’s SIEM so analysts could focus on higher-priority work. The deployment enabled Valvoline to retire two legacy solutions (SEG and the API-based tool) and delivered measurable results: $600K saved by stopping a recurring invoice fraud attack, ~480 analyst hours saved per month, and improved detection of threats such as malicious QR-code attacks.

Valvoline

Corey Kaemming

Senior Director, Information Security