Q1 2021: The Rising Threat of Vendor Email Compromise

The historic attack on SolarWinds opened the world’s eyes to supply chain attacks from compromised vendor email accounts. Abnormal Security sees clear evidence that the same technique used in the SolarWinds attack—vendor email compromise—is going mainstream.

Download the threat report to learn:

  • How the volume of VEC attacks has grown over the last six months
  • Why these attacks are so costly, with the average attack running $183,000
  • Which goals, including invoice fraud and RFQ scams, are most successful
  • What approaches organizations can take to protect themselves from VEC

Fill out the form to download the VEC threat report today.

After reading this report, you are eligible for .5 CPE credits through (ISC)².

Supply chain communications are trusted and typically convey a sense of urgency, making it easy for these types of attacks to blend in with legitimate and valid emails. Since the attacks come from trusted yet impersonated or compromised vendor accounts, organizations often cannot detect when an attack is underway until it’s too late.

These attacks highlight the importance of tools to ensure supply chain security like VendorBase Abnormal’s global, federated database of vendor and customer behaviors to stop supply chain compromise. VendorBase continuously monitors communications between vendors and partners, and provides a real-time, stateful risk assessment enabling Abnormal to stop these targeted supply chain attacks.

Interested in learning more about how Abnormal can protect you from VEC? Request a demo today.

Download Now

Related Resources

B Vendors as Your Largest BEC Threat 07 07 22
Threat actors have shifted their strategy—moving away from internal impersonation and instead focusing on impersonating third parties. Watch the webinar to learn more about this new threat: financial supply chain compromise.
Watch Now
Report fscc cover
For years, executives were the go-to impersonated party in business email compromise attacks. Now, threat actors are opting to impersonate vendors and suppliers instead.
Download Now
H1 threat report cover
From June-December 2021, Abnormal Security discovered that nearly all types of advanced email attacks grew in frequency, with a new trend of phone fraud using email as the first contact.
Download Now
Webinar cover 3
While you may be confident in your own email security, the truth is that your security is only as good as the security of your partners and vendors. Discover why vendor email compromise is such an important part of your security strategy.
Watch Now
Threat report 2
Attackers are leveraging social engineering to drive significantly higher engagement and account takeover. In the Q2 2021 threat report, Abnormal found that attacks are growing at significant rates, as threat actors leverage social engineering strategies to bypass SEGs and drive engagement.
Download Now
Threat report 1
Cybercriminals upped their game over the last quarter—increasing the number of credential phishing attacks and account takeover attempts. In our quarterly threat report, Abnormal Security discovered significant increases in the number of brute force attacks and impersonation attempts.
Download Now
B 03 25 22 CISCO Guide to VEC
Supply chain compromise attacks can cause substantial financial loss through invoice or payment fraud. Learn how and why attackers leverage compromised accounts from vendors to launch attacks that are specifically designed to bypass traditional email security.
Download Now