At The Identity Organisation, we're here to help!

    Or drop us a mail!

    Your privacy is important to us, and we want to communicate with you in a way which has your consent and which is in line with UK Law on data protection. As a result of a change in UK law on 25th May 2018, by providing us with your personal details you consent to us processing your data in line with current GDPR requirements.

    Here is where you can review our Privacy & GDPR Statement

    To remove consent at any time, please e-mail info@tidorg.com with the word "unsubscribe" as the subject.

    +44 (0) 1628 308038 info@tidorg.com

    Vendor Email Compromise Attacks Use the Same Playbook for Multiple Attacks

    Seeking very large paydays, Vendor Email Compromise (VEC) threat actors are finding out what works and repurposing their content and processes to increase chances of seeing a massive payout.

    VEC is a form of Business Email Compromise (BEC) where an email account isn’t just impersonated (e.g., using someone’s name, a lookalike domain, etc.) but actually compromising credentials and taking over an account of someone within an organization. By doing this, the deliverability of email is nearly guaranteed, as is the credibility of the email being sent – since it actually comes from the impersonated employee’s employer.

    According to new findings by security researchers at Abnormal Security, several VEC attacks have been spotted targeting critical infrastructure and repeatedly using the same emails and tactics across multiple victim organizations. The attack is simple – one or more emails that seek to have any outstanding invoices paid to a different bank account, as shown below:

    vendor email compromise example

    According to Abnormal Security, the most effective tactic in this attack is the use of a known domain. It makes even a vigilant employee (who checks the “From” address, etc.) to think the email is legitimate. It’s only those users that have been taught through security awareness training and good security policies that anytime a change of payment details is requested, there needs to be a verification step using another medium and a known means of contact (instead of any contact details within the email in question) to validate the request.

    Can hackers spoof an email address of your own domain?

    Are you aware that one of the first things hackers try is to see if they can spoof the email address of your CEO? If they are able to commit “CEO Fraud”, penetrating your network is like taking candy from a baby.

    Now they can launch a “CEO fraud” spear phishing attack on your organization, and that type of attack is very hard to defend against, unless your users are highly ‘security awareness’ trained.

    Find out now if your domain can be spoofed. The Domain Spoof Test (DST) is a one-time free service. Run this test so you can address any mail server configuration issues that are found.

    Try To Spoof Me

    PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/domain-spoof-test-partner?partnerid=001a000001lWEoJAAW

    Sign Up to the TIO Intel Alerts!

    Back To Top