Auto industry is prime target for email attacks
The automotive industry has become a popular target for business email compromise and vendor email compromise attacks, according to new research from Abnormal Security.
Between September 2023 and February 2024, BEC attacks against businesses in the automotive industry increased by 70.5 percent. Over the same period 63 percent of Abnormal Security customers in the automotive industry experienced at least one VEC attack.
This level of VEC attacks is higher than experienced by organizations in the energy/infrastructure (54 percent), hospitality (50 percent), and finance (35 percent) industries during the same timeframe.
Mick Leach, field CISO of Abnormal Security, writes on the company's blog, "While every organization across every vertical is at risk of experiencing advanced email attacks, there are certain industries that, for various reasons, periodically become the go-to target for threat actors. Our research revealed that the automotive industry currently finds itself in the crosshairs of cybercriminals launching business email compromise (BEC) and vendor email compromise (VEC) attacks."
These attacks are designed to deceive employees and extract money or sensitive information and they can pose a significant threat to an organization’s financial stability and reputation.
The automotive sector is an attractive target because it involves high-value transactions for parts and inventory. Also because automotive groups rely on complex supply chains and large vendor ecosystems, this gives attackers plenty of third parties to impersonate and vulnerabilities to exploit.
The average cost of a successful BEC attack exceeds $125,000. Adding to the challenge, these sophisticated social engineering tactics often bypass traditional security measures, leaving employees -- often the weakest link in the cybersecurity chain -- as the last line of defense.
You can read more, along with analysis of a real world attack, on the Abnormal Security blog.
Image credit: microolga/depositphotos.com