Singapore, June 24, 2025 - Abnormal AI, the leader in AI-native human behaviour security, today released Asia-Pacific (APAC) data from its latest global threat intelligence report, Read, Replied, Compromised: Employee Engagement Trends Across VEC Attacks, spotlighting the growing impact of business email compromise (BEC) and vendor email compromise (VEC) on enterprise security.

Drawing on behavioural data from over 1,400 organisations worldwide, the report reveals that while VEC remains a major threat globally, organisations in the APAC region face a different set of challenges—most notably around BEC.

Globally, employees at large enterprises took follow-up actions—such as replying or forwarding—on 72% of the VEC messages they read. However, the findings reveal a unique trend in APAC, where employees are more likely to engage with BEC attacks compromising or impersonating internal employees than with vendor-based impersonation attacks.

APAC was the only region where BEC engagement rates surpassed VEC, with employees engaging with BEC emails 44.4% of the time after reading them—10% higher than VEC. APAC employees also showed the highest repeat engagement with BEC of any region globally, at 5.65%—meaning 5.65% of BEC engagements were initiated by an employee who had previously replied to and/or forwarded a different BEC attack.

“Security behaviour is shaped by both cultural norms and compliance standards, and the APAC region exemplifies how these factors can shift the threat landscape,” said Tim Bentley, Vice President of Asia-Pacific at Abnormal AI. “While VEC is a growing concern worldwide, the data indicates that attackers targeting APAC are still seeing continued success with executive or internal impersonation tactics instead.”

While APAC employees engage with BEC attacks more than VEC, they at least report those attacks at a substantially higher rate, albeit still at a significantly lower than desired frequency (1.92%).

Key global findings from the report include:

• In just 12 months, attackers attempted to steal more than $300 million via VEC, with 7% of engagements involving employees who had previously interacted with an attack.

• Telecommunications saw the highest VEC engagement rate globally (71.3%), followed by the energy/utilities sector at 56%.

• Sales roles, particularly entry-level, were among the most vulnerable, with junior staff engaging with 86% of read VEC attacks.
  

• For EMEA organisations, the data trended in the opposite direction of APAC enterprises, showing high susceptibility to interaction with VEC attacks, despite exercising vigilance around BEC attacks. In EMEA, the VEC engagement rate exceeds BEC by 90%, and repeat engagement with VEC is the highest of any region—over twice that of BEC. These organisations also demonstrate the lowest reporting rate for VEC (0.27%), yet highest reporting rate for BEC (4.22%).

“Attackers are leveraging AI to impersonate trusted identities with alarming accuracy,” Bentley added. “Whether the threat appears to come from a known vendor or a familiar executive, organisations in every region must invest in intelligent defences that adapt to regional behavioural patterns and automatically block attacks before employees ever see them.”

To download the full report, visit abnormalsecurity.com/resources/vec-threat-report.

About Abnormal AI
Abnormal AI is the leading AI-native human behaviour security platform, leveraging machine learning to stop sophisticated inbound attacks and detect compromised accounts across email and connected applications. The anomaly detection engine leverages identity and context to understand human behaviour and analyse the risk of every cloud email event—detecting and stopping sophisticated, socially-engineered attacks that target the human vulnerability.

You can deploy Abnormal in minutes with an API integration for Microsoft 365 or Google Workspace and experience the full value of the platform instantly. Additional protection is available for Slack, Workday, ServiceNow, Zoom, and multiple other cloud applications. Abnormal is currently trusted by more than 3,200 organisations, including over 20% of the Fortune 500, as it continues to redefine how cybersecurity works in the age of AI. Learn more at abnormal.ai.

Media Contact:
Jade Hill
Senior Director of Communications
media@abnormalsecurity.com