Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    Vendor Email Compromise Attacks Use the Same Playbook for Multiple Attacks

    Vendor Email Compromise Attacks Use the Same Playbook for Multiple AttacksSeeking very large paydays, Vendor Email Compromise (VEC) threat actors are finding out what works and repurposing their content and processes to increase chances of seeing a massive payout.

    VEC is a form of Business Email Compromise (BEC) where an email account isn’t just impersonated (e.g., using someone’s name, a lookalike domain, etc.) but actually compromising credentials and taking over an account of someone within an organization. By doing this, the deliverability of email is nearly guaranteed, as is the credibility of the email being sent – since it actually comes from the impersonated employee’s employer.

    According to new findings by security researchers at Abnormal Security, several VEC attacks have been spotted targeting critical infrastructure and repeatedly using the same emails and tactics across multiple victim organizations. The attack is simple – one or more emails that seek to have any outstanding invoices paid to a different bank account, as shown below:

    vendor email compromise example

    According to Abnormal Security, the most effective tactic in this attack is the use of a known domain. It makes even a vigilant employee (who checks the “From” address, etc.) to think the email is legitimate. It’s only those users that have been taught through security awareness training and good security policies that anytime a change of payment details is requested, there needs to be a verification step using another medium and a known means of contact (instead of any contact details within the email in question) to validate the request.

     

    Return To KnowBe4 Security Blog

    Can hackers spoof an email address of your own domain?

    DSTAre you aware that one of the first things hackers try is to see if they can spoof the email address of your CEO? If they are able to commit "CEO Fraud", penetrating your network is like taking candy from a baby.

    Now they can launch a "CEO fraud" spear phishing attack on your organization, and that type of attack is very hard to defend against, unless your users are highly ‘security awareness’ trained.

    Find out now if your domain can be spoofed. The Domain Spoof Test (DST) is a one-time free service. Run this test so you can address any mail server configuration issues that are found.

    Try To Spoof Me!

    PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

    https://www.knowbe4.com/domain-spoof-test/

    Topics: Cybercrime

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews