Virtualization Technology News and Information
Abnormal AI Uncovers Widespread Employee Exposure to Vendor Email Compromise in New Global Threat Report

Abnormal AI released a new threat intelligence report, Read, Replied, Compromised: Employee Engagement Trends Across VEC Attacks. Drawing on behavioral data from over 1,400 organizations worldwide, the report reveals the extent to which employees are actively engaging with advanced text-based threats like vendor email compromise (VEC) and explores the blind spots attackers are exploiting with highly targeted, socially engineered attacks.

The data revealed that employees frequently struggle to differentiate between legitimate messages and attacks, especially when those emails appear to come from a trusted vendor. The findings are eye-opening: employees at large enterprises engaged with VEC messages 72% of the time after reading them, taking follow-up actions such as replying or forwarding.

In just 12 months, attackers attempted to steal more than $300 million via VEC, with 7% of engagements coming from employees who had engaged with a previous attack. Meanwhile, the overall reporting rate for advanced text-based email threats was just 1.46%, revealing a significant visibility gap for security teams.

"Email-based social engineering has never been more convincing or more effective," said Mike Britton, CIO at Abnormal AI. "Today's attackers are hijacking legitimate vendor threads and crafting sophisticated messages that pass undetected through legacy defenses. And because employees believe these emails are real, they are engaging with them at alarming rates."

The report also identifies engagement rate trends across industries, roles, and regions:

  • Telecommunications saw the highest VEC engagement rate of any industry at 71.3%, dwarfing the second-ranked energy/utilities sector at 56%.
  • Sales roles, especially entry-level, were among the most vulnerable, with junior sales staff engaging with read VEC attacks at a rate of 86%.
  • Organizations in EMEA are highly susceptible to interaction with VEC attacks, despite exercising vigilance around business email compromise (BEC) attacks. In EMEA, the VEC engagement rate exceeds BEC by 90%, and repeat engagement with VEC is the highest of any region, over twice that of BEC. These organizations also demonstrate the lowest reporting rate for VEC (0.27%), yet the highest reporting rate for BEC (4.22%).

"While VEC volume remains lower than phishing or ransomware, its success rate, and potential financial impact, is far greater, especially as weaponized AI makes it easier than ever for attackers to impersonate trusted vendors," Britton added. "To prevent costly human error, organizations must move beyond reactive training and adopt proactive defenses that block threats before they reach the inbox."

Download the full report: Read, Replied, Compromised: Employee Engagement Trends Across VEC Attacks

Published Tuesday, June 03, 2025 1:57 PM by David Marshall