chat
expand_more

An Overview of Vendor Risks: Tips for Vendor Procurement and Security Assessments

Learn the biggest risks associated with your vendor relationships and how to protect your organization from Vendor Email Compromise (VEC) attacks.
June 1, 2023

Relationships with vendors are integral to your business and brand, but each company that you partner with poses an additional risk. Ideally, you and your vendors should be able to trust and stand by each other; unfortunately, though, threat actors are always poised to exploit any gap in your security posture. Vendor Email Compromise (VEC) weaponizes email—that convenient, useful conduit between companies and their vendors. VEC attacks are increasingly ingenious and bold, making messages appear to originate from trusted accounts. Criminals are resourceful in invading vendor email accounts and using legitimate invoicing information to target your employees.

Vendor email compromise is the malicious, unauthorized use of access to an email account for the purpose of targeting trusted partners. For the first time, 2022 saw vendor email attacks actually surpass those masquerading as internal workers. Third-party impersonations now constitute 52% of all BEC attacks. And we can expect that trend to rise. To get to you, criminals first compromise your outside vendor, and then trick that company into passing along a whole spectrum of misery, from fake invoices to credential phishing to malware, ransomware, and more.

VEC Seizes Prominence in Email Attack Strategy

You may cautiously evaluate new vendors, but crooks are patient, and time is on their side. With the passage of months, your guard tends to drop, and the risk grows as you learn to trust vendor email identities. Abnormal research reveals that only 2.1% of all attacks landing in end-user inboxes are reported to the SOC team! You need to stay alert to the escalating danger from third parties and keep your guard up.

When a malicious email arrives—ostensibly from a vendor that you have previously worked with—the chance that you’ll recognize the attack decreases. It’s difficult for employees to identify a scam in a known, familiar email address. And VEC is particularly effective because threat actors use ‘real’ vendor email accounts and legitimate invoicing information to target you.

Basic Technology Architecture Enables VEC Attacks

These days, nearly all organizations, from global enterprises to startups rely on outside partners and third-party vendors for the features or services they need. This supply chain must share data to accomplish its purposes, and cybercriminals exploit that need. They breach and exfiltrate high-value data: proprietary information, personal credentials, and sensitive financial information. Sophisticated social engineering even mimics email writing styles and mentions personal information like travel plans to put a recipient off guard and sound credible.

Three-Way Defensive Strategy Protects You from VEC Campaigns

1. Conduct a thorough vendor risk assessment.

These days, VEC effortlessly slips past reputation checks, attachment scans and other conventional email defenses. SEGs are no longer reliable to catch advanced VEC, BEC, and credential theft. Abnormal, on the other hand, is far more effective than traditional email security to spot compromised vendor accounts. Abnormal learns the behavior of every identity within and outside of an organization, analyzing communications between all senders and recipients,— including the vendors in your supply chain. The platform correlates behavioral identity information with tens of thousands of context signals to precisely identify suspicious anomalies.

2. Make sure you have continuous visibility in monitoring the risk of these vendors.

Gartner advises, “Look for email security solutions that use ML- and AI-based technology for BEC protection to analyze conversation history to detect anomalies.” Abnormal VendorBase™ employs behavioral AI, machine learning models, natural language processing, and computer vision to deliver a baseline of communication patterns. Our technology detects and tracks invoice information and banking details, while deep content analysis examines tone, intent, attachments, and URLs of every email. AI speed and accuracy let us deliver a vendor risk score and assessment with every email. Changes across the supply chain show up instantly to blow the whistle on attackers and support your decision-making process.

3. Rely on onboard security solutions to detect, analyze, and mitigate the continuous risk of VEC.

Abnormal is a VEC specialist, tracking every vendor you deal with, at all times, to spot compromises. By understanding normal behavior, Abnormal can detect when changes have occurred across the supply chain and use that risk information to make decisions on incoming messages. VendorBase inventories your vendors across email, as well as tracking engagement activities and assessing risk. With VendorBase, it doesn’t matter that an attack may emanate from a legitimate vendor account. It’s detected and caught anyway, and you’re protected from harm.

Increase Visibility and Avoid VEC with Abnormal

Abnormal makes preventing vendor email compromise an easy process, with no manual configuration required. The platform natively integrates into your cloud office environment; our cloud-native, API-based approach means no delay in email delivery time, with all inspection and scanning performed in memory. When an email deviates from this baseline, Abnormal automatically remediates the message and thwarts the attack, protecting your organization from vendor fraud and a spectrum of additional attacks.

Interested in learning more about how Abnormal protects you and your vendors?

Schedule a Demo
An Overview of Vendor Risks: Tips for Vendor Procurement and Security Assessments

See Abnormal in Action

Get a Demo

Get the Latest Email Security Insights

Subscribe to our newsletter to receive updates on the latest attacks and new trends in the email threat landscape.

Discover How It All Works

See How Abnormal AI Protects Humans

Related Posts

High Scale Aggregation Cover
At Abnormal AI, detecting malicious behavior at scale means aggregating vast volumes of signals in realtime and batch. This post breaks down how we implemented the Signals DAG across both systems to achieve consistency, speed, and detection accuracy at scale.
Read More
B CISO SAT
Discover how modern CISOs are evolving security awareness training from a compliance checkbox into a strategic, AI-powered program that drives behavior change and builds a security-first culture.
Read More
B Regional VEC BEC Trends Blog
Regional analysis of 1,400+ organizations reveals how geography shapes email security risks. See which regions are most vulnerable to VEC vs BEC.
Read More
B HTML and Java Script Phishing
Explore real phishing attacks that use HTML and JavaScript to bypass defenses and learn what makes these emails so hard to detect.
Read More
B Custom Phishing Kits Blog
Brand-specific phishing kits are replacing generic templates. Learn how these custom phishing kits enable sophisticated impersonation attacks.
Read More
B Healthcare
Discover how healthcare security leaders are defending against AI-powered threats. Learn why identity and email are the new frontlines—and what it takes to protect the human element.
Read More