Vendor Email Compromise (VEC) Attacks: What You Need to Know
Email Attack Image

Vendor Email Compromise (VEC) Attacks: What You Need to Know

Vendor email compromise (VEC) attacks are a type of social engineering attack where a cybercriminal impersonates a trusted vendor to defraud an organization. These attacks are becoming increasingly common, as they are more difficult to detect than traditional phishing attacks.

In a VEC attack, the attacker will first compromise the email account of a legitimate vendor. Once they have access to the account, they will email the victim organization, pretending to be the vendor. The emails will often contain requests for payment or sensitive information.

VEC attacks are often very convincing, as the attacker will take the time to learn about the victim organization and its vendors. They may even use the vendor’s logo and branding in their emails. This makes it more likely that the victim will fall for the scam.

How to Protect Yourself from VEC Attacks

There are a number of things that you can do to protect yourself from VEC attacks. These include:

  • Be suspicious of emails from vendors with which you don’t usually do business.
  • Don’t click on links or open attachments in emails from vendors unless you are sure that they are legitimate.
  • Verify the sender’s email address before responding to any emails from vendors.
  • Educate your employees about VEC attacks and how to spot them.

How Security Awareness Training Can Help

Security awareness training can help to protect your organization from VEC attacks by teaching your employees how to spot and avoid these scams. A good security awareness training program will cover topics such as:

  • How to identify phishing emails
  • How to protect your passwords
  • How to be safe online

Get a Free Demo of KnowBe4 from Citynet

Citynet is a partner of KnowBe4, a leading provider of security awareness training. KnowBe4 offers a variety of training programs that can help to protect your organization from VEC attacks and other cyber threats.

Get a free demo of the KnowBe4 security awareness platform from Citynet by visiting our website or calling us today at 1.844.CITYNET (844.248.9638).

Like this article?

Share on Facebook
Share on Twitter
Share on Linkdin
Share on Pinterest

More Posts

MFA to Zero Trust Image

How to go from MFA to Zero Trust

Increased connectivity, coupled with the rise of remote and hybrid work, is prompting organizations to evolve their user access security and make strides toward a

Cybersecurity Training Image

Yearly Cyber Training Doesn’t Work

If you’re sticking to once-a-year sessions for your employees, it’s time to rethink your approach. Let’s face it, it’s likely dull and uninspiring. And if

Fact vs Myth Image

Debunking 5 Common Internet Myths

In the vast landscape of the internet, myths and misconceptions often abound, shaping our perceptions and influencing our online behaviors. At Citynet, we’re committed to

SuperPod with WiFi 6E

Plume SuperPod WiFi 6E Specs

SuperPod with WiFi 6

Plume SuperPod WiFi 6 Specs


Plume SuperPod Secs