▾ G11 Media Network: | ChannelCity | ImpresaCity | SecurityOpenLab | Italian Channel Awards | Italian Project Awards | Italian Security Awards | ...
InnovationOpenLab

New Report from Abnormal AI Reveals Alarming Employee Exposure to Vendor Email Compromise Across EMEA

Abnormal AI, the leader in AI-native human behaviour security, today released its latest global threat intelligence report, Read, Replied, Compromised: Employee Engagement Trends Across VEC Attacks, s...

Business Wire

EMEA region shows highest global rate of repeat engagement with VEC attacks and lowest VEC reporting rates

LONDON: Abnormal AI, the leader in AI-native human behaviour security, today released its latest global threat intelligence report, Read, Replied, Compromised: Employee Engagement Trends Across VEC Attacks, spotlighting the growing impact of vendor email compromise (VEC) on enterprise security. While the report examines data from over 1,400 organisations worldwide, findings show that EMEA-based enterprises are particularly vulnerable, with post-read interaction and repeat engagement rates significantly outpacing other regions.

The report reveals how employees frequently struggle to differentiate between legitimate messages and attacks, especially when those emails appear to come from a trusted vendor. The findings are eye-opening: across all regions, 72% of employees at large enterprises who read a VEC message went on to engage with it further—taking follow-up actions such as replying or forwarding.

“Email-based social engineering has never been more convincing or more effective,” said Mike Britton, CIO at Abnormal AI. “Today’s attackers are hijacking legitimate vendor threads and crafting sophisticated messages that pass undetected through legacy defences. And because employees believe these emails are real, they are engaging with them at alarming rates.”

The data reveals that VEC threats are especially pronounced in EMEA. Organisations in this region are particularly susceptible to VEC attacks, despite exercising higher vigilance around business email compromise (BEC) attacks.

For example, in EMEA, the VEC engagement rate exceeds BEC engagement by 90%, and repeat engagement with VEC is the highest of any region—over twice that of BEC. This suggests that employees trust external parties (e.g., vendors) more than internal sources, making them especially vulnerable to vendor impersonation. Additionally, EMEA-based organisations record the lowest reporting rate for VEC across all regions (0.27%), yet highest reporting for BEC (4.22%).

Additional key findings across the global data:

  • In just 12 months, attackers attempted to steal more than $300 million via VEC, with 7% of engagements coming from employees who had engaged with a previous attack. Meanwhile, the overall reporting rate for advanced text-based email threats was just 1.46%, revealing a significant visibility gap for security teams.
  • Telecommunications saw the highest VEC engagement rate of any industry at 71.3%, dwarfing the second-ranked energy/utilities sector at 56%.
  • Sales roles, especially entry-level, were among the most vulnerable, with junior sales staff engaging with read VEC attacks at a rate of 86%.

“While VEC volume remains lower than phishing or ransomware, its success rate—and potential financial impact—is far greater, especially as weaponised AI makes it easier than ever for attackers to impersonate trusted vendors,” Britton added. “To prevent costly human error, organisations must move beyond reactive training and adopt proactive defences that block threats before they reach the inbox.”

Download the full report: Read, Replied, Compromised: Employee Engagement Trends Across VEC Attacks

About Abnormal AI

Abnormal AI is the leading AI-native human behaviour security platform, leveraging machine learning to stop sophisticated inbound attacks and detect compromised accounts across email and connected applications. The anomaly detection engine leverages identity and context to understand human behaviour and analyse the risk of every cloud email event—detecting and stopping sophisticated, socially-engineered attacks that target the human vulnerability.

You can deploy Abnormal in minutes with an API integration for Microsoft 365 or Google Workspace and experience the full value of the platform instantly. Additional protection is available for Slack, Workday, ServiceNow, Zoom, and multiple other cloud applications. Abnormal is currently trusted by more than 3,200 organisations, including over 20% of the Fortune 500, as it continues to redefine how cybersecurity works in the age of AI. Learn more at abnormal.ai.

Fonte: Business Wire

If you liked this article and want to stay up to date with news from InnovationOpenLab.com subscribe to ours Free newsletter.

Related news

Last News

RSA at Cybertech Europe 2024

Alaa Abdul Nabi, Vice President, Sales International at RSA presents the innovations the vendor brings to Cybertech as part of a passwordless vision for…

Italian Security Awards 2024: G11 Media honours the best of Italian cybersecurity

G11 Media's SecurityOpenLab magazine rewards excellence in cybersecurity: the best vendors based on user votes

How Austria is making its AI ecosystem grow

Always keeping an European perspective, Austria has developed a thriving AI ecosystem that now can attract talents and companies from other countries

Sparkle and Telsy test Quantum Key Distribution in practice

Successfully completing a Proof of Concept implementation in Athens, the two Italian companies prove that QKD can be easily implemented also in pre-existing…

Most read

Ionic Digital Issues Open Letter to Stockholders to Deliver Essential…

Ionic Digital Inc., (the “Company” or “Ionic”), an emerging innovator in digital infrastructure and bitcoin mining, today issued an open letter to stockholders…

University of Phoenix Leadership Presents at 1EdTech

University of Phoenix is pleased to announce that Vice President of Accessibility and Student Affairs Kelly Hermann co-presented at the 2025 1EdTech Learning…

Tapcheck Named Workday Innovation Partner

#EWA--Tapcheck , today announced that it has achieved Workday Certified Integration status. As a Workday Innovation Partner, Tapcheck offers customers…

EDO and TelevisaUnivision Expand Partnership to Unlock Cross-Platform…

EDO, the TV outcomes company, and TelevisaUnivision, the world’s leading Spanish-language media company, have expanded their partnership to measure the…

Newsletter signup

Join our mailing list to get weekly updates delivered to your inbox.

Sign me up!