Q1 2021: The Rising Threat of Vendor Email Compromise

The historic attack on SolarWinds opened the world’s eyes to supply chain attacks from compromised vendor email accounts. Abnormal Security sees clear evidence that the same technique used in the SolarWinds attack—vendor email compromise—is going mainstream.

Download the threat report to learn:

  • How the volume of VEC attacks has grown over the last six months
  • Why these attacks are so costly, with the average attack running $183,000
  • Which goals, including invoice fraud and RFQ scams, are most successful
  • What approaches organizations can take to protect themselves from VEC

Fill out the form to download the VEC threat report today.

Supply chain communications are trusted and typically convey a sense of urgency, making it easy for these types of attacks to blend in with legitimate and valid emails. Since the attacks come from trusted yet impersonated or compromised vendor accounts, organizations often cannot detect when an attack is underway until it’s too late.

These attacks highlight the importance of tools to ensure supply chain security like VendorBase Abnormal’s global, federated database of vendor and customer behaviors to stop supply chain compromise. VendorBase continuously monitors communications between vendors and partners, and provides a real-time, stateful risk assessment enabling Abnormal to stop these targeted supply chain attacks.

Interested in learning more about how Abnormal can protect you from VEC? Request a demo today.

Fill out the form to access:

Related Resources

Video 1
Abnormal can determine when legitimate end users have accessed accounts, or when a bad actor has accessed them, by understanding key attributes like common IP addresses, or if the device has been accessed...
Read More
Webinar cover 4
CISOs deal with a multitude of threats that can have significant financial and reputational impacts. Of those threats, business email compromise is the #1 attack type, costing businesses almost as much as all other cybersecurity incidents combined.
Read More
Video 2
Socially engineered email attacks are the #1 security threat facing companies today, accounting for more than 44% of all cybercrime losses. To stop these types of sophisticated email attacks, you need a fundamentally new approach to email security.
Read More
Video 1
With Abnormal, security teams can now eliminate redundant email gateways and enhance Microsoft's built-in security capabilities. Once integrated via one-click API, Abnormal automatically profiles your VIPs and employees, their behavior, relationships, communication patterns...
Read More
Data sheet 1
Protect your end users from the full spectrum of targeted email threats: phishing, ransomware, fraud, social engineering, supply chain attacks, executive impersonation, spam, and graymail. Integrate with Microsoft 365 and Google Workspace via a one-click API without disrupting mail flow. No MX record changes, configuration, or custom policies are needed.
Read More
Data sheet 4
Supercharge your SOC workflows and save time with AI-assisted investigation, auto-remediation, follow-up, and reporting. Abnormal provides a frictionless method for user-reported phishing attacks to be submitted, triaged, and reviewed.
Read More
Data sheet 3
By understanding normal behavior, Abnormal can detect any deviations in these baselines to uncover potentially compromised accounts and then immediately remediate them. When left undetected, attackers can use compromised accounts to exfiltrate sensitive data or send lateral phishing emails.
Read More
Data sheet 2
Secure email gateways struggle to block socially-engineered attacks that pass reputation checks, have no links or attachments, and appear to come from trusted sources. The Abnormal Integrated Cloud Email Security (ICES) platform profiles known good behavior and analyzes over 45,000 signals to detect anomalies.
Read More
Webinar cover 2
Ransomware is a major problem, and it’s not going away. To understand it, we must understand why threat actors turn to it—and how it can be stopped. The best way to do that is to chat with the masterminds behind these attacks.
Read More
Webinar cover 1
Traditional cybersecurity infrastructure can’t stop new and emerging threats, particularly in the email channel, and cybercriminals are constantly changing their methods to stay one step ahead. Hear how Theresa Payton, first female White House CIO, thinks about these attacks.
Read More
Webinar cover 3
While you may be confident in your own email security, the truth is that your security is only as good as the security of your partners and vendors. Discover why vendor email compromise is such an important part of your security strategy.
Read More
Threat report 3
Read the Q1 2021 threat report to learn the latest on vendor email compromise, including which scams are most successful and why the volume of attacks has grown so significantly.
Read More