EMEA region shows highest global rate of repeat engagement with VEC attacks and lowest VEC reporting rates
Abnormal AI, the leader in AI-native human behaviour security, today released its latest global threat intelligence report, Read, Replied, Compromised: Employee Engagement Trends Across VEC Attacks, spotlighting the growing impact of vendor email compromise (VEC) on enterprise security. While the report examines data from over 1,400 organisations worldwide, findings show that EMEA-based enterprises are particularly vulnerable, with post-read interaction and repeat engagement rates significantly outpacing other regions.
The report reveals how employees frequently struggle to differentiate between legitimate messages and attacks, especially when those emails appear to come from a trusted vendor. The findings are eye-opening: across all regions, 72% of employees at large enterprises who read a VEC message went on to engage with it further-taking follow-up actions such as replying or forwarding.
"Email-based social engineering has never been more convincing or more effective," said Mike Britton, CIO at Abnormal AI. "Today's attackers are hijacking legitimate vendor threads and crafting sophisticated messages that pass undetected through legacy defences. And because employees believe these emails are real, they are engaging with them at alarming rates."
The data reveals that VEC threats are especially pronounced in EMEA. Organisations in this region are particularly susceptible to VEC attacks, despite exercising higher vigilance around business email compromise (BEC) attacks.
For example, in EMEA, the VEC engagement rate exceeds BEC engagement by 90%, and repeat engagement with VEC is the highest of any region-over twice that of BEC. This suggests that employees trust external parties (e.g., vendors) more than internal sources, making them especially vulnerable to vendor impersonation. Additionally, EMEA-based organisations record the lowest reporting rate for VEC across all regions (0.27%), yet highest reporting for BEC (4.22%).
Additional key findings across the global data:
- In just 12 months, attackers attempted to steal more than $300 million via VEC, with 7% of engagements coming from employees who had engaged with a previous attack. Meanwhile, the overall reporting rate for advanced text-based email threats was just 1.46%, revealing a significant visibility gap for security teams.
- Telecommunications saw the highest VEC engagement rate of any industry at 71.3%, dwarfing the second-ranked energy/utilities sector at 56%.
- Sales roles, especially entry-level, were among the most vulnerable, with junior sales staff engaging with read VEC attacks at a rate of 86%.
"While VEC volume remains lower than phishing or ransomware, its success rate-and potential financial impact-is far greater, especially as weaponised AI makes it easier than ever for attackers to impersonate trusted vendors," Britton added. "To prevent costly human error, organisations must move beyond reactive training and adopt proactive defences that block threats before they reach the inbox."
Download the full report: Read, Replied, Compromised: Employee Engagement Trends Across VEC Attacks
About Abnormal AI
Abnormal AI is the leading AI-native human behaviour security platform, leveraging machine learning to stop sophisticated inbound attacks and detect compromised accounts across email and connected applications. The anomaly detection engine leverages identity and context to understand human behaviour and analyse the risk of every cloud email event-detecting and stopping sophisticated, socially-engineered attacks that target the human vulnerability.
You can deploy Abnormal in minutes with an API integration for Microsoft 365 or Google Workspace and experience the full value of the platform instantly. Additional protection is available for Slack, Workday, ServiceNow, Zoom, and multiple other cloud applications. Abnormal is currently trusted by more than 3,200 organisations, including over 20% of the Fortune 500, as it continues to redefine how cybersecurity works in the age of AI. Learn more at abnormal.ai.
View source version on businesswire.com: https://www.businesswire.com/news/home/20250603951973/en/
Contacts:
Media Contact:
Jade Hill
Senior Director of Communications
media@abnormalsecurity.com
