Skip to main content


Home Vendor email compromise

Vendor email compromise

Vendor email compromise definition

Vendor email compromise (VEC) is a cyber scam where attackers target the email accounts of vendors and use them to send fake invoices to their customers.

See also: business email compromise, conversation hijacking, social engineering

How vendor email compromise works

  1. 1.Cybercriminals first breach a vendor's email system. They may use phishing or spear phishing, credential stuffing, keyloggers, and other techniques for that.
  2. 2.Once inside, they track emails to understand billing cycles, vendors, and typical invoice amounts.
  3. 3.Using the breached account or a similar email address, they send fake invoices to the vendor's clients with updated bank details.
  4. 4.Unsuspecting clients pay the invoices, sending funds to the cybercriminals' accounts.

Vendor email compromise example

A city government receives what seems like a regular invoice from its construction vendor. The only difference is the bank account details, which have been subtly changed. Trusting the vendor, the city transfers a significant amount of money. It takes the actual vendor following up about the unpaid invoice for the officials to realize they've been victims of a VEC scam.

Dangers of vendor email compromise

  • Financial loss. Companies can lose significant amounts of money.
  • Loss of trust. Both the vendor and client can suffer reputational damage, eroding trust.
  • Data breach. Cybercriminals might gain access to sensitive company information during their email surveillance.
  • Further compromise. The breach may not be limited to email — the attackers can potentially gain deeper access to a company's network.