A West African cybercriminal gang referred to as Silent Starling has victimized over 500 companies in 14 countries with a growing type of attack called vendor email compromise (VEC), according to the new quarterly report from security firm Agari.
VEC attacks target the global supply chain. The purported cyber gang sends false emails to a business vendor’s customers to trick them into paying. Such attacks are difficult for legacy systems to detect, Agari says.
“VEC is the next evolution of business email compromise (BEC),” states Crane Hassold, senior director of threat research at Agari and head of the Agari Cyber Intelligence Division (ACID).
Hassold adds: “These attacks will continue to increase in frequency over the next 12 to 18 months because the financial return for scammers is very significant.”
VEC emails mimic the feel and look of legitimate communications, Agari says.
The firm estimates that over 20,000 emails have been stolen since late 2019, and that 39 employees were compromised at a single U.S. company.
And it cites a finding from FinCEN showing that the average VEC scam costs each victim company more than $125,000, compared to $50,000 for a classical BEC attack.
Agari reports that over 700 employee email accounts have been compromised with OneDrive and DocuSign credential phishing.