Email attackers now favor tailored campaigns that exploit trusted relationships and routine workflows instead of obvious technical flaws, with phishing accounting for 58% of attacks and BEC/VEC comprising the more targeted, high-impact campaigns. Abnormal AI’s 2026 report highlights redirect chains, link shorteners (TinyURL and t.co), VIP impersonation, lateral compromises, and invoice fraud in VEC, and recommends AI that builds behavioral baselines from identity, context, and content to stop attacks before employees respond. #AbnormalAI #VEC
Keypoints
- Phishing is the predominant email threat, responsible for 58% of attacks.
- Over 20% of phishing campaigns use redirect chains and more than 10% use link shorteners, led by TinyURL and t.co.
- BEC and VEC are less frequent but more crafted and damaging, with VEC now more common than personal-impersonation BEC and invoice fraud prevalent in North America.
- Attack techniques vary by company size: VIP impersonation is common in small firms, while lateral account compromises rise in large enterprises and higher education.
- Defenses should use AI-driven behavioral baselines analyzing identity, context, and content to detect attacks before employees engage.