{"id":46557,"date":"2021-09-16T12:04:38","date_gmt":"2021-09-16T19:04:38","guid":{"rendered":"http:\/\/www.enxmag.com\/twii\/?p=46557"},"modified":"2021-09-16T12:04:40","modified_gmt":"2021-09-16T19:04:40","slug":"probability-of-experiencing-a-vendor-email-compromise-attack-increases-96","status":"publish","type":"post","link":"https:\/\/www.enxmag.com\/twii\/the-week-in-imaging-twii\/editors-blog\/2021\/09\/probability-of-experiencing-a-vendor-email-compromise-attack-increases-96\/","title":{"rendered":"Probability of Experiencing a Vendor Email Compromise Attack Increases 96%"},"content":{"rendered":"\n<div class=\"wp-block-image\"><figure class=\"alignleft size-medium\"><img loading=\"lazy\" width=\"300\" height=\"232\" src=\"https:\/\/www.enxmag.com\/twii\/wp-content\/uploads\/2021\/09\/KnowBe4-art-300x232.jpg\" alt=\"\" class=\"wp-image-46558\" srcset=\"https:\/\/www.enxmag.com\/twii\/wp-content\/uploads\/2021\/09\/KnowBe4-art-300x232.jpg 300w, https:\/\/www.enxmag.com\/twii\/wp-content\/uploads\/2021\/09\/KnowBe4-art.jpg 397w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/figure><\/div>\n\n\n\n<p>Vendor Email Compromise requires first taking control of a strategic email account within the victim organizations. According to new data, cybercriminals are getting really good at this.<\/p>\n\n\n\n<p>Vendor Email Compromise \u2013 an attack where an email account is actually taken over rather than simply spoofed as seen in business email compromise attacks \u2013 can have a far greater impact on the organization. Emails coming from a threat actor-controlled legitimate email account are much harder, if not impossible, to discern as being malicious in nature.<\/p>\n\n\n\n<p>According to new data in Abnormal Security\u2019s Q3 2021 Email Threat Report, email account takeovers are rising in both number and success rates:<\/p>\n\n\n\n<ul><li>The chance of experiencing a VEC attack has risen 96% over the last 12 months.<\/li><li>Mid-sized companies are 43% likely to have at least one account takeover per quarter.<\/li><li>Enterprises with 50K+ employees are 60% likely to be a victim of account takeover.<\/li><li>The C-Suite is the most targeted group, at three times than VPs \u2013 the next targeted group.<\/li><li>14% of account takeovers occur at department head levels within organizations.<\/li><li>The average request in a VEC attack is $183,000, with the highest documented being $1.6 million.<\/li><\/ul>\n\n\n\n<p>With the potential for VEC attacks to cost organizations millions annually, it\u2019s first imperative to protect email accounts from the possibility of account takeover using multi-factor authentication and zero trust solutions that scrutinize requests to access email. It\u2019s equally important to educate users involved with the organization\u2019s finances using Security Awareness Training to maintain a sense of vigilance \u2013 even when a request comes from a legitimate source. It\u2019s necessary to validate any unexpected requests using a separate communication medium to ensure the person believed to be asking is actually doing so.<\/p>\n\n\n\n<p><em>This article originally appeared on the <a href=\"http:\/\/knowbe4.com\">KnowBe4<\/a> website.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Vendor Email Compromise requires first taking control of a strategic email account within the victim organizations. According to new data, cybercriminals are getting really good at this. Vendor Email Compromise \u2013 an attack where an email account is actually taken over rather than simply spoofed as seen in business email compromise attacks \u2013 can have a far greater impact on the organization. Emails coming from a threat actor-controlled legitimate email account are much harder, if not impossible, to discern as being malicious in nature. According to new data in Abnormal Security\u2019s Q3 2021 Email Threat Report, email account takeovers are rising in both number and success rates: The chance of experiencing a VEC attack has risen 96% over the last 12 months. Mid-sized companies are 43% likely to have at least one account takeover per quarter. Enterprises with 50K+ employees are 60% likely to be a victim of account takeover. The C-Suite is the most targeted group, at three times than VPs \u2013 the next targeted group. 14% of account takeovers occur at department head levels within organizations. The average request in a VEC attack is $183,000, with the highest documented being $1.6 million. With the potential for VEC attacks to cost organizations millions annually, it\u2019s first imperative to protect email accounts from the possibility of account takeover using multi-factor authentication and zero trust solutions that scrutinize requests to access email. It\u2019s equally important to educate users involved with the organization\u2019s finances using Security Awareness Training to maintain a sense of vigilance \u2013 even when a request comes from a legitimate source. It\u2019s necessary to validate any unexpected requests using a separate communication medium to ensure the person believed to be asking is actually doing so. This article originally appeared on the KnowBe4 website.<\/p>\n","protected":false},"author":178,"featured_media":46558,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[80,1650,82,3371,1638],"tags":[4051],"_links":{"self":[{"href":"https:\/\/www.enxmag.com\/twii\/wp-json\/wp\/v2\/posts\/46557"}],"collection":[{"href":"https:\/\/www.enxmag.com\/twii\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.enxmag.com\/twii\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.enxmag.com\/twii\/wp-json\/wp\/v2\/users\/178"}],"replies":[{"embeddable":true,"href":"https:\/\/www.enxmag.com\/twii\/wp-json\/wp\/v2\/comments?post=46557"}],"version-history":[{"count":2,"href":"https:\/\/www.enxmag.com\/twii\/wp-json\/wp\/v2\/posts\/46557\/revisions"}],"predecessor-version":[{"id":46560,"href":"https:\/\/www.enxmag.com\/twii\/wp-json\/wp\/v2\/posts\/46557\/revisions\/46560"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.enxmag.com\/twii\/wp-json\/wp\/v2\/media\/46558"}],"wp:attachment":[{"href":"https:\/\/www.enxmag.com\/twii\/wp-json\/wp\/v2\/media?parent=46557"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.enxmag.com\/twii\/wp-json\/wp\/v2\/categories?post=46557"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.enxmag.com\/twii\/wp-json\/wp\/v2\/tags?post=46557"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}