Cyber Security

Vendor Email Compromise: Silent $300 million threat CISOs can’t be ignored

Photo of liralbes liralbes Send an email 2 days ago
0 0 Less than a minute
Vendor Email Compromise: Silent 0 million threat CISOs can’t be ignored

AI expands threat complexity

Unlike traditional phishing, VEC attacks mimic legitimate business email threads, often using AI to generate tones, brands, and message history with high precision. With no obvious detection triggers, these emails bypass filters and even fool cautious employees who often rush to address perceptual issues such as unpaid payments in a tight job market.

“Existing controls such as multifactor authentication are failing against these AI-driven attacks,” Dubar warned. “We need a basic strategy shift to address psychological manipulation, not just credential verification.”

He added that peripheral defense alone cannot prevent such AI-powered VECs. “Organizations need three key upgrades: AI-driven email analytics to detect subtle contradictions, proactive vendor validation protocols, and retrain employees who accredited social engineering, not just technical threats.”

Photo of liralbes liralbes Send an email 2 days ago
0 0 Less than a minute
Photo of liralbes

liralbes

Related Articles

Don’t give them what they really want

Don’t give them what they really want

4 hours ago
CISO urges to push suppliers to prepare for post-quantitative cryptography

CISO urges to push suppliers to prepare for post-quantitative cryptography

5 hours ago
Cybersecurity in der lieferkette: wie sie ihre software – supply chain schützen

Cybersecurity in der lieferkette: wie sie ihre software – supply chain schützen

8 hours ago
CISA asked CISO: Does this asset really have to be on the Internet?

CISA asked CISO: Does this asset really have to be on the Internet?

8 hours ago

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button