
Buckle Up: BEC and VEC Attacks Target Automotive Industry

Research reveals the automotive industry has become a popular target for business email compromise and vendor email compromise attacks. Learn why.
April 10, 2024

While every organization across every vertical is at risk of experiencing advanced email attacks, there are certain industries that, for various reasons, periodically become the go-to target for threat actors. Our research revealed that the automotive industry currently finds itself in the crosshairs of cybercriminals launching business email compromise (BEC) and vendor email compromise (VEC) attacks.

These attacks, designed to deceive employees and extract money or sensitive information, pose a significant threat to an automotive organization’s financial stability and reputation. One alarming case that highlights the severity of the issue is the $37 million loss suffered by auto parts supplier Toyota Boshoku. In this attack, fraudsters used an email scam to manipulate an employee into changing bank account information for a wire transfer.

Although BEC and VEC attacks are on the rise across the board, the data on the automotive industry is especially alarming. Here’s a closer look at what our research uncovered.

Threat Actors Rev Up BEC and VEC Attacks on the Automotive Industry

So why are organizations in the automotive industry particularly popular targets for BEC and VEC attacks? First, high-value transactions for parts and inventory are common. Second, automotive groups rely on complex supply chains and vast vendor ecosystems—providing attackers with ample third parties to impersonate and vulnerabilities to exploit.

Between September 2023 and February 2024, BEC attacks against businesses in the automotive industry increased by 70.5%. This represents 1.7 BEC attacks per week, compared to 1 attack per week during the prior six-month period. The first quarter of 2024 was particularly active, potentially indicating a trend for the rest of the year.

[Figure: Median number of BEC attacks per week]

VEC attacks targeting automotive organizations were similarly elevated between September 2023 and February 2024, with 63% of Abnormal Security customers in the automotive industry experiencing at least one VEC attack. This is a higher rate than experienced by organizations in the energy/infrastructure (54%), hospitality (50%), and finance (35%) industries during the same timeframe.

The financial implications of falling victim to these attacks are substantial, with the average cost of a successful BEC attack exceeding $137,000. Adding to the challenge, these sophisticated social engineering tactics often bypass traditional security measures, leaving employees—notoriously the weakest link in the cybersecurity chain—as the last line of defense.

By impersonating colleagues or trusted vendors through spoofed email addresses or compromised accounts, threat actors trick targets into divulging sensitive information or making unauthorized financial transactions.

Looking Under the Hood of a Real Attack

In the business email compromise attack below, the threat actor posed as the president of a truck dealership and emailed the dealership’s accounts payable department. The message was designed to appear as if the impersonated president was forwarding an invoice from a professional services provider along with his approval to remit payment.

[Figure: Example of email attack targeting an organization in the automotive industry]

Because this attack has no obvious indicators of compromise and was sent from an established, trusted domain, it is unlikely to be flagged as malicious by a legacy email security system. Additionally, because the attacker took several steps to increase the appearance of legitimacy (e.g., changing the sender display name and email account name to that of the dealership’s president and creating a fraudulent email thread referencing a real business), the average employee would likely believe the message and the request are legitimate.
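The signals described above (an executive's name in the display name and mailbox name, a payment request, and an embedded forwarded thread) can be checked against a directory of known executive addresses even when the sending domain is established and trusted. The following is an added example, not code from this post or from any vendor product; the executive name, the addresses, the regular expressions and the sample messages are all hypothetical.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Hypothetical directory: each executive and the only addresses they send from.
VIPS = {"dana whitfield": {"dana.whitfield@dealership.example"}}
PAYMENT = re.compile(r"\b(invoice|remit|payment|wire)\b", re.I)
FORWARDED = re.compile(r"^-{2,}\s*Forwarded message", re.M)

def normalize(name):
    """Lower-case a display name or mailbox name; separators become spaces."""
    return re.sub(r"[^a-z ]", "", re.sub(r"[._-]+", " ", name.lower())).strip()

def impersonation_signals(raw):
    """Return the reasons a message looks like executive impersonation."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    addr = addr.lower()
    body = msg.get_payload()  # assumes a single-part text message
    reasons = []
    for vip, known in VIPS.items():
        if addr in known:
            continue  # genuine mailbox for this executive
        if normalize(display) == vip:
            reasons.append("display name matches executive")
        if normalize(addr.split("@")[0]) == vip:
            reasons.append("mailbox name matches executive")
    if reasons:  # content signals only matter once identity is in doubt
        if PAYMENT.search(msg.get("Subject", "") + "\n" + body):
            reasons.append("payment request")
        if FORWARDED.search(body):
            reasons.append("embedded forwarded thread")
    return reasons

# Constructed sample messages (not taken from the attack shown on this page).
SPOOF = """From: "Dana Whitfield" <dana.whitfield@trusted-mail.example>
To: ap@dealership.example
Subject: Fwd: Invoice 0000 - approved

Approved. Please remit payment today.

---------- Forwarded message ---------
From: billing@services.example
"""
LEGIT = SPOOF.replace("trusted-mail.example", "dealership.example")

if __name__ == "__main__":
    print(impersonation_signals(SPOOF))
    print(impersonation_signals(LEGIT))
```

A message that trips the identity checks together with the payment and forwarded-thread checks is a candidate for out-of-band confirmation with the named executive before accounts payable acts on it.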

Clearly, automotive organizations need more sophisticated security to meet the evolving threat landscape head-on.

Defending Automotive Organizations Against Sophisticated Email-Based Attacks

The auto industry faces a rising tide of email attacks that exploit the human element of cybersecurity. Secure email gateways and other traditional security tools cannot detect email threats that rely on social engineering and lack traditional indicators of compromise, such as suspicious links or malicious attachments.

Abnormal’s solution, on the other hand, uses behavioral AI to understand known good behavior and determine when an email or an event is anomalous, enabling it to detect sophisticated attacks that bypass other platforms. Because Abnormal automatically remediates malicious messages, it removes the possibility of end-user engagement. This gives automotive organizations a way to proactively protect themselves against BEC, VEC, and other email-based attacks.

