An Overview of Vendor Risks: Tips for Vendor Procurement and Security Assessments

Learn the biggest risks associated with your vendor relationships and how to protect your organization from Vendor Email Compromise (VEC) attacks.
June 1, 2023

Relationships with vendors are integral to your business and brand, but each company that you partner with poses an additional risk. Ideally, you and your vendors should be able to trust and stand by each other; unfortunately, though, threat actors are always poised to exploit any gap in your security posture. Vendor Email Compromise (VEC) weaponizes email—that convenient, useful conduit between companies and their vendors. VEC attacks are increasingly ingenious and bold, making messages appear to originate from trusted accounts. Criminals are resourceful in invading vendor email accounts and using legitimate invoicing information to target your employees.

Vendor email compromise is the malicious, unauthorized use of access to an email account for the purpose of targeting trusted partners. For the first time, 2022 saw vendor email attacks actually surpass those masquerading as internal workers. Third-party impersonations now constitute 52% of all BEC attacks. And we can expect that trend to rise. To get to you, criminals first compromise your outside vendor, and then trick that company into passing along a whole spectrum of misery, from fake invoices to credential phishing to malware, ransomware, and more.

VEC Seizes Prominence in Email Attack Strategy

You may cautiously evaluate new vendors, but crooks are patient, and time is on their side. With the passage of months, your guard tends to drop, and the risk grows as you learn to trust vendor email identities. Abnormal research reveals that only 2.1% of all attacks landing in end-user inboxes are reported to the SOC team! You need to stay alert to the escalating danger from third parties and keep your guard up.

When a malicious email arrives—ostensibly from a vendor that you have previously worked with—the chance that you’ll recognize the attack decreases. It’s difficult for employees to identify a scam in a known, familiar email address. And VEC is particularly effective because threat actors use ‘real’ vendor email accounts and legitimate invoicing information to target you.

Basic Technology Architecture Enables VEC Attacks

These days, nearly all organizations, from global enterprises to startups rely on outside partners and third-party vendors for the features or services they need. This supply chain must share data to accomplish its purposes, and cybercriminals exploit that need. They breach and exfiltrate high-value data: proprietary information, personal credentials, and sensitive financial information. Sophisticated social engineering even mimics email writing styles and mentions personal information like travel plans to put a recipient off guard and sound credible.

Three-Way Defensive Strategy Protects You from VEC Campaigns

1. Conduct a thorough vendor risk assessment.

These days, VEC effortlessly slips past reputation checks, attachment scans and other conventional email defenses. SEGs are no longer reliable to catch advanced VEC, BEC, and credential theft. Abnormal, on the other hand, is far more effective than traditional email security to spot compromised vendor accounts. Abnormal learns the behavior of every identity within and outside of an organization, analyzing communications between all senders and recipients,— including the vendors in your supply chain. The platform correlates behavioral identity information with tens of thousands of context signals to precisely identify suspicious anomalies.

2. Make sure you have continuous visibility in monitoring the risk of these vendors.

Gartner advises, “Look for email security solutions that use ML- and AI-based technology for BEC protection to analyze conversation history to detect anomalies.” Abnormal VendorBase™ employs behavioral AI, machine learning models, natural language processing, and computer vision to deliver a baseline of communication patterns. Our technology detects and tracks invoice information and banking details, while deep content analysis examines tone, intent, attachments, and URLs of every email. AI speed and accuracy let us deliver a vendor risk score and assessment with every email. Changes across the supply chain show up instantly to blow the whistle on attackers and support your decision-making process.

3. Rely on onboard security solutions to detect, analyze, and mitigate the continuous risk of VEC.

Abnormal is a VEC specialist, tracking every vendor you deal with, at all times, to spot compromises. By understanding normal behavior, Abnormal can detect when changes have occurred across the supply chain and use that risk information to make decisions on incoming messages. VendorBase inventories your vendors across email, as well as tracking engagement activities and assessing risk. With VendorBase, it doesn’t matter that an attack may emanate from a legitimate vendor account. It’s detected and caught anyway, and you’re protected from harm.

Increase Visibility and Avoid VEC with Abnormal

Abnormal makes preventing vendor email compromise an easy process, with no manual configuration required. The platform natively integrates into your cloud office environment; our cloud-native, API-based approach means no delay in email delivery time, with all inspection and scanning performed in memory. When an email deviates from this baseline, Abnormal automatically remediates the message and thwarts the attack, protecting your organization from vendor fraud and a spectrum of additional attacks.

Interested in learning more about how Abnormal protects you and your vendors?

Schedule a Demo
An Overview of Vendor Risks: Tips for Vendor Procurement and Security Assessments

See Abnormal in Action

Get a Demo

Get the Latest Email Security Insights

Subscribe to our newsletter to receive updates on the latest attacks and new trends in the email threat landscape.


See the Abnormal Solution to the Email Security Problem

Protect your organization from the full spectrum of email attacks with Abnormal.

Integrates Insights Reporting 09 08 22

Related Posts

B 1500x1500 Adobe Acrobat Sign Attack Blog
Attackers attempt to steal sensitive information using a fraudulent electronic signature request for a nonexistent NDA and branded phishing pages.
Read More
B 4 15 24 RBAC
Discover how a security-driven RBAC design pattern allows Abnormal customers to maximize their user setup with minimum hurdles.
Read More
B 4 10 24 Zoom
Learn about the techniques cybercriminals use to steal Zoom accounts, including phishing, information stealers, and credential stuffing.
Read More
Social Images for next Cyber Savvy Blog
Explore how Alex Green, the CISO of Delta Dental, safeguards over 80 million customers against modern cyber threats, and gain valuable insights into the cybersecurity landscape.
Read More
B Images for EDB Blog from Sanjay
Abnormal is excited to announce the establishment of a strategic partnership with the Singapore Economic Development Board (EDB).
Read More
B Automotive Data Blog
Research reveals the automotive industry has become a popular target for business email compromise and vendor email compromise attacks. Learn why.
Read More