The global financial services industry has witnessed a significant surge in Vendor Email Compromise (VEC) attacks [1] [2] [3], as reported by Abnormal Security [4]. These are primarily socially engineered email attacks [1] [3], with an average of 200 advanced attacks per 1000 mailboxes each week [1] [3]. This article covers the rise in VEC attacks, how they work, and the challenges they pose to the financial services industry.


VEC attacks occur when threat actors impersonate business providers [1] [2] [3] [4] [5], such as suppliers or vendors [2] [5], to fraudulently obtain money from the vendor’s customers. These attacks often involve billing account updates or invoice fraud [5]. Some threat actors create fake email accounts [5], while others exploit compromised vendor email accounts to request financial transfers [5]. The deceptive nature of these attacks makes them difficult to detect, as the accounts appear legitimate [5]. Consequently, organizations can suffer substantial financial losses [2], with reported cases reaching up to $36 million.
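The two variants described above leave different traces in a message, which the following added example shows (it is not from the cited reports or any vendor's product). The vendor record, domains, sample messages, regex and the 0.8 similarity threshold are all constructed assumptions.

```python
import re
from difflib import SequenceMatcher
from email import message_from_string
from email.utils import parseaddr

# Constructed vendor master data (assumption): display name -> domain on file.
KNOWN_VENDORS = {"acme supplies": "acme-supplies.example"}
# Wording typical of a billing account update request (illustrative, not exhaustive).
BILLING_CHANGE = re.compile(
    r"(new|updated?|changed?)\s+(bank|banking|account|payment|remittance)\s+"
    r"(details|information|instructions)", re.I)

def domain_of(header_value):
    """Return the lower-cased domain of an address header, or '' if absent."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def vec_signals(raw_message):
    """List the VEC indicators present in one RFC 5322 message string."""
    msg = message_from_string(raw_message)
    name = parseaddr(msg.get("From", ""))[0].strip().lower()
    sender, reply_to = domain_of(msg.get("From")), domain_of(msg.get("Reply-To"))
    expected = KNOWN_VENDORS.get(name)
    signals = []
    if expected and sender != expected:
        # Vendor display name on a domain that is not the one on file.
        similar = SequenceMatcher(None, sender, expected).ratio() >= 0.8
        signals.append("lookalike_domain" if similar else "vendor_name_wrong_domain")
    if reply_to and reply_to != sender:
        signals.append("reply_to_mismatch")
    if BILLING_CHANGE.search(msg.get_payload()):
        signals.append("billing_change_request")
    return signals

# Constructed sample messages.
FAKE_ACCOUNT = ("From: Acme Supplies <billing@acme-supplles.example>\n"
                "Reply-To: payments@mailbox.example\n"
                "Subject: Invoice 1042\n\n"
                "Please use our new bank details for invoice 1042.\n")
COMPROMISED = ("From: Acme Supplies <billing@acme-supplies.example>\n"
               "Subject: Invoice 1042\n\n"
               "Updated payment instructions are attached; pay today.\n")
ROUTINE = ("From: Acme Supplies <billing@acme-supplies.example>\n"
           "Subject: Invoice 1042\n\n"
           "Invoice 1042 is attached. Terms are unchanged.\n")

if __name__ == "__main__":
    for label, raw in [("fake", FAKE_ACCOUNT), ("compromised", COMPROMISED), ("routine", ROUTINE)]:
        print(label, vec_signals(raw))
```

The message sent from the genuinely compromised vendor mailbox raises only the content signal, so a billing change request on its own should route to out-of-band verification with the vendor rather than rely on sender checks.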

The financial services industry is particularly vulnerable to cyberattacks due to the sensitive personal and financial information it handles [4]. In addition to VEC attacks, the industry has also experienced a 71% increase in Business Email Compromise (BEC) attacks [1] [2] [3]. In BEC attacks, cybercriminals impersonate executives or employees to orchestrate fraudulent activities. These attacks exploit social engineering tactics, effectively bypassing traditional security tools [1] [3]. The sophistication of these attacks poses a significant challenge to email security systems and requires heightened human vigilance [1] [3].


The rise in VEC and BEC attacks highlights the urgent need for robust email security measures within the financial services industry. Organizations must invest in advanced cloud email security solutions to combat the growing frequency of email-based attacks targeting human fallibility. Failure to do so can result in substantial financial losses and reputational damage. As cybercriminals continue to evolve their tactics, it is crucial for the industry to stay ahead by implementing proactive security measures and fostering a culture of cybersecurity awareness.