Abstract White Logo Closeup

From CEO Fraud to Vendor Fraud: The Shift to Financial Supply Chain Compromise

For years, executives were the go-to impersonated party in business email compromise (BEC) attacks. Recently, however, attackers have adjusted their strategies—opting to impersonate third-party vendors and suppliers instead.

In January 2022, the number of attacks impersonating third parties surpassed those impersonating internal employees for the first time. This trend has continued each month since, with third-party impersonations making up 52% of all BEC attacks in May 2022.

Download the threat intelligence report for valuable insight into financial supply chain compromise, including:

  • What the four types of supply chain compromise look like

  • How threat actors impersonate vendors in two specific ways

  • Why BEC attacks impersonating executives have decreased 17% year-over-year

Download Now

Related Resources

B 07 20 22 Devastating
Business email compromise (BEC) is no joke, and it continues to increase—despite increased awareness of the issue. Learn about the future of BEC attacks in this on-demand webinar.
Watch Now
B Vendors as Your Largest BEC Threat 07 07 22
Threat actors have shifted their strategy—moving away from internal impersonation and instead focusing on impersonating third parties. Watch the webinar to learn more about this new threat: financial supply chain compromise.
Watch Now
Webinar cover 3
Colonial Pipeline. CNA Financial. Quanta. Even the NBA. Hardly a week goes by without a ransomware story hitting the news, as organizations worldwide are targeted by an attack. But are there more dangerous threats out there?
Watch Now
H1 threat report cover
From June-December 2021, Abnormal Security discovered that nearly all types of advanced email attacks grew in frequency, with a new trend of phone fraud using email as the first contact.
Download Now
Webinar hacking tobac cover
Rachel Tobac talked to Abnormal Security's CISO Mike Britton about hacking, social engineering attacks, and how to protect your organization.
Watch Now
Webinar beyond spam cover
Adversaries are increasingly targeting the enterprise email inbox, and security teams need to look further than just spam and phishing attacks.
Watch Now
Webinar cover 4
CISOs deal with a multitude of threats that can have significant financial and reputational impacts. Of those threats, business email compromise is the #1 attack type, costing businesses almost as much as all other cybersecurity incidents combined.
Watch Now
Webinar cover 1
Traditional cybersecurity infrastructure can’t stop new and emerging threats, particularly in the email channel, and cybercriminals are constantly changing their methods to stay one step ahead. Hear how Theresa Payton, first female White House CIO, thinks about these attacks.
Watch Now