SUPPLY CHAIN FRAUD

Vendor Email Compromise

WHAT IS SUPPLY CHAIN FRAUD?

Supply Chain Fraud or Vendor Email Compromise (VEC) is when an attacker uses a compromised email account to send emails their customers, requesting payments.

UK: £92.7M Lost Each Year

Invoice and payment fraud scams cost organizations in the United Kingdom £92.7 million each year (2019).

(source: UK Finance)

467,361 complaints in 2019

467,361 complaints in 2019, an average of nearly 1,300 every day - recording more than $3.5 billion in losses.

(source: FBI)

Average Loss of €14k

Up to 100 Irish businesses in 2022 were conned out of an average of €14,000 due to invoice fraud - totaling approx. €1.4million.

(source: Business Plus)

WHAT DOES SUPPLY CHAIN
FRAUD LOOK LIKE?

Supply Chain Fraud or Vendor Email Compromise often looks identical to legitimate emails and can be exceptionally difficult for email filters and recipients to tell them apart.

Example of a supply chain compromise email

Compromised Mailbox

The attacker has compromised a mailbox belonging to a member of the finance team of a known supplier. With full access to their mailbox, the attacker can learn what type of language they use, what services they invoice for, and what customers they can target.

No Malicious Content

The absence of any malicious content renders AV engines and sandboxes obsolete.

Normal Language

The attacker can copy and paste language used in previous genuine emails, changing only the bank account numbers.

HOW DOES MESH PROTECT
AGAINST SUPPLY CHAIN FRAUD?

Mesh applies over 250 unique filters to every single email it processes, protecting against the full spectrum of email attacks. Combining machine learning, predictive threat intelligence and advanced content analysis, Mesh identifies indicators of compromise, fraud, impersonation, phishing, malicious content, spam, and unsolicited marketing emails, keeping organizations and their people safe.

Contextual Banners

Informed employees are safer employees. Banners can be applied to emails warning of danger or advising caution, empowering employees to safely navigate their inbox. Banners are customizable

Financial Fraud Prevention

Mesh analyzes email content and language for indicators of financial fraud. Implicit or explicit requests for payment, inclusion of banking information like IBAN or Account numbers, are scrutinized for authenticity.

Sender Relationship Analysis

Mesh leverages intelligence generated from an employee’s regular email activity - including who they receive email from, the time of day, distance from the sender, and other characteristics, enabling easier detection of anomalous traffic.

Its ability to detect emails specifically targeting high-risk individuals is incredibly reassuring

Mesh has significantly reduced the amount of email-related tickets we receive. The ability to manage everything centrally from partner level makes our job so much easier - we can make changes for all clients in one go. Onboarding was quick and painless, both our engineers and end-users took to it straight away.”

Get the full case-study ⟶

Jason Gilmer
Network Admin at Reading Bakery Systems

reading bakery systems logo

Ready to get started?

Make your customers safer and
your MSP more efficient.

MSP Success Stories

Discover how your MSP peers have made their MSPs more efficient and profitable, while delivering better email security to their customers.

View Success Stories →

Mesh is not for everyone

We’re developing the only email security platform built exclusively for MSPs, but nobody is perfect and Mesh is not for every team.

Learn Why →