Vendor Email Compromise requires first taking control of a strategic email account within the victim organizations. According to new data, cybercriminals are getting really good at this.
Vendor Email Compromise – an attack where an email account is actually taken over rather than simply spoofed as seen in business email compromise attacks – can have a far greater impact on the organization. Emails coming from a threat actor-controlled legitimate email account are much harder, if not impossible, to discern as being malicious in nature.
According to new data in Abnormal Security’s Q3 2021 Email Threat Report, email account takeovers are rising in both number and success rates:
- The chance of experiencing a VEC attack has risen 96% over the last 12 months.
- Mid-sized companies are 43% likely to have at least one account takeover per quarter.
- Enterprises with 50K+ employees are 60% likely to be a victim of account takeover.
- The C-Suite is the most targeted group, at three times than VPs – the next targeted group.
- 14% of account takeovers occur at department head levels within organizations.
- The average request in a VEC attack is $183,000, with the highest documented being $1.6 million.
With the potential for VEC attacks to cost organizations millions annually, it’s first imperative to protect email accounts from the possibility of account takeover using multi-factor authentication and zero trust solutions that scrutinize requests to access email. It’s equally important to educate users involved with the organization’s finances using Security Awareness Training to maintain a sense of vigilance – even when a request comes from a legitimate source. It’s necessary to validate any unexpected requests using a separate communication medium to ensure the person believed to be asking is actually doing so.
This article originally appeared on the KnowBe4 website.
