From CEO Fraud to Vendor Fraud: The Shift to Financial Supply Chain Compromise

For years, executives were the go-to impersonated party in business email compromise attacks. Now, threat actors are opting to impersonate vendors and suppliers instead.

For years, executives were the go-to impersonated party in business email compromise (BEC) attacks. Recently, however, attackers have adjusted their strategies—opting to impersonate third-party vendors and suppliers instead.

In January 2022, the number of attacks impersonating third parties surpassed those impersonating internal employees for the first time. This trend has continued each month since, with third-party impersonations making up 52% of all BEC attacks in May 2022.

Download the threat intelligence report for valuable insight into financial supply chain compromise, including:

What the four types of supply chain compromise look like
How threat actors impersonate vendors in two specific ways
Why BEC attacks impersonating executives have decreased 17% year-over-year

See the Abnormal Solution to the Email Security Problem

Protect your organization from the full spectrum of email attacks with Abnormal.

See a Demo

Related Resources

Business Email Compromise Webinars

The Devastating Impact of Business Email Compromise

Business email compromise (BEC) is no joke, and it continues to increase—despite increased awareness of the issue. Learn about the future of BEC attacks in this on-demand webinar.

Watch Now

B Vendors as Your Largest BEC Threat 07 07 22

Business Email Compromise Supply Chain Compromise Webinars

Vendors as Your Largest BEC Threat: The Shift to Financial Supply Chain Compromise in 2022

Threat actors have shifted their strategy—moving away from internal impersonation and instead focusing on impersonating third parties. Watch the webinar to learn more about this new threat: financial supply chain compromise.

Watch Now

Business Email Compromise Ransomware Webinars

Ransomware and BEC in the Cyber Threat Landscape: Past vs. Present, Perception vs. Reality

Colonial Pipeline. CNA Financial. Quanta. Even the NBA. Hardly a week goes by without a ransomware story hitting the news, as organizations worldwide are targeted by an attack. But are there more dangerous threats out there?

Watch Now

Business Email Compromise Email Security Supply Chain Compromise Threat Reports

H1 2022: Fraudsters Use Email in Phone Scams, Targeting 89% of Organizations

From June-December 2021, Abnormal Security discovered that nearly all types of advanced email attacks grew in frequency, with a new trend of phone fraud using email as the first contact.

Download Now

Business Email Compromise Webinars

CISO Fireside Chat: Hacking and Cybersecurity in a New Era

Rachel Tobac talked to Abnormal Security's CISO Mike Britton about hacking, social engineering attacks, and how to protect your organization.

Watch Now

Business Email Compromise Webinars

Beyond Spam and Phishing: Emerging Email-Based Threats

Adversaries are increasingly targeting the enterprise email inbox, and security teams need to look further than just spam and phishing attacks.

Watch Now

Business Email Compromise Webinars

CISO Fireside Chat: The Business Email Compromise Problem

CISOs deal with a multitude of threats that can have significant financial and reputational impacts. Of those threats, business email compromise is the #1 attack type, costing businesses almost as much as all other cybersecurity incidents combined.

Watch Now

Business Email Compromise Webinars

CISO Fireside Chat: Key Insights to Prevent Never-Before-Seen Cyber Attacks

Traditional cybersecurity infrastructure can’t stop new and emerging threats, particularly in the email channel, and cybercriminals are constantly changing their methods to stay one step ahead. Hear how Theresa Payton, first female White House CIO, thinks about these attacks.

Watch Now