By NHI Mgmt Group Editorial Team
Published 2025-07-16
Domain: Governance & Risk
Source: Abnormal AI

TL;DR: Attackers now use lookalike domains, generative AI, and phishing-as-a-service to fabricate multi-party email threads for trust-based fraud, including RFQ scams and payment diversion schemes that can bypass legacy secure email gateways, according to Abnormal AI. The deeper issue is that relationship-based deception now scales faster than human verification workflows can reliably catch.


At a glance

What this is: This is an analysis of how multi-party email fraud uses lookalike domains, AI-written messages, and fabricated stakeholder threads to defeat traditional email controls.

Why it matters: It matters because identity and access teams increasingly need to treat communication trust, account provenance, and behavioural anomalies as governance problems, not just mail-security problems, across human and non-human identity programmes.

Read Abnormal AI's analysis of multi-party email fraud and RFQ scams.


Context

Multi-party fraud is a trust abuse problem, not just an email filtering problem. Attackers now impersonate several legitimate parties in the same transaction, using new domains, convincing language, and business context to make a fake exchange look operationally normal.

For IAM, IGA, and PAM teams, the key lesson is that identity assurance extends beyond authentication. When people are persuaded to disclose payment instructions, supplier details, or internal process specifics, attackers can turn ordinary collaboration into a control bypass without ever stealing a password.

The source article shows that the security gap is not only in message detection. It is in the organisation’s ability to prove that a relationship, a request, and a communication chain are genuine before business action is taken.


Key questions

Q: How should security teams verify payment requests that arrive through multi-party email threads?

A: Security teams should verify the transaction outside the email thread, using known contact paths, registered counterparty details, and pre-agreed payment instructions. They should treat new domains, new participants, and unusual request timing as warning signs. The goal is to prove relationship authenticity before business action, not to rely on message tone alone.

Q: Why do multi-party scams bypass traditional email security controls?

A: They bypass traditional controls because the message content is often clean, professional, and contextually plausible. The fraud succeeds through relationship fabrication, domain lookalikes, and thread manipulation rather than obvious malware or malformed links. Content filters miss the fact that the business relationship itself has been invented.

Q: How can organisations measure whether their fraud controls are catching relationship-based attacks?

A: Measure how often suspicious requests are flagged before any payment, shipment, or account change occurs, and whether those flags were based on identity, domain, or conversation anomalies. A useful signal is the percentage of escalations that come from first-time counterparties or newly registered domains.

Q: Who should own response when an email thread appears to be a fabricated business relationship?

A: Ownership should sit with finance, operations, and security together, because the risk is both fraudulent communication and fraudulent transaction authority. Security should investigate identity and domain provenance, while the business owner should stop the transaction until the counterpart can be verified through an independent channel.


Technical breakdown

Lookalike domains as transaction scaffolding

Multi-party fraud often begins with domain registration that mirrors the names of companies already involved in a deal. Attackers create enough surface similarity to make each message seem consistent with the others, then build a false narrative across separate inboxes. The real trick is not a single convincing email, but a coordinated set of identities, each one reinforcing the next. This is why simple sender reputation checks fail. They evaluate messages in isolation, while the fraud succeeds because the conversation itself is engineered to feel legitimate across multiple parties and timing windows.

Practical implication: validate domain provenance and transaction participants before approving payment, shipment, or credit changes.

Generative AI and phishing-as-a-service at fraud scale

Generative AI lowers the quality bar for social engineering by producing polished, context-aware messages that sound like real business correspondence. Phishing-as-a-service adds industrialisation by giving attackers infrastructure for campaign management, automation, and credential harvesting. Together, they let low-skill actors run sophisticated impersonation chains without needing deep technical expertise. The result is scale plus plausibility, which is a dangerous combination for finance, sales, and operations workflows that rely on rapid human judgment. Legacy secure email gateways are poorly matched to this model because they focus on known-bad indicators rather than relationship behaviour.

Practical implication: pair email controls with behavioural detection that looks for relationship anomalies, not just malicious content.

Why behavioural baselines detect what secure email gateways miss

A behavioural AI model can compare a message against normal communication patterns for a person, team, and counterparties. That means it can detect when a sender is new, a domain was registered unusually recently, a thread is outside normal relationships, or a request appears in an unexpected sequence. This matters because these scams often look clean at the message level. The failure mode is contextual: the request is plausible in isolation but abnormal in the history of how the organisation actually transacts. Behavioural analysis turns communication history into a control surface.

Practical implication: monitor sender relationships, message timing, and transaction context as primary fraud signals.
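The checks described in the lookalike-domain and behavioural-baseline sections above, as an added Python example that is not Abnormal AI's model or code: the counterparty baseline, registration dates and messages are constructed inline, and the 90-day domain-age threshold, the 0.9 similarity ratio and the confusable-character table are assumed illustrative values.

```python
from datetime import date
from difflib import SequenceMatcher

TODAY = date(2025, 7, 16)  # fixed clock so the example is deterministic
KNOWN_DOMAINS = {"acme-supply.com", "northbank-finance.com"}  # constructed counterparty baseline
DOMAIN_REGISTERED = {  # constructed stand-in for a WHOIS/RDAP registration-date lookup
    "acme-supply.com": date(2014, 3, 2), "northbank-finance.com": date(2011, 9, 17),
    "acme-suppiy.com": date(2025, 7, 1),  # lookalike ('i' for 'l'), registered 15 days ago
}
CONFUSABLES = str.maketrans("01i5", "olls")  # small illustrative subset of visual confusables

def skeleton(domain):
    """Fold confusable characters so visually similar domains compare equal."""
    return domain.lower().translate(CONFUSABLES)

def lookalike_of(domain):
    """Return the known counterparty domain this one imitates, or None if known or unrelated."""
    if domain in KNOWN_DOMAINS:
        return None
    for known in KNOWN_DOMAINS:
        similar = SequenceMatcher(None, domain, known).ratio() >= 0.9  # one-character typosquats
        if similar or skeleton(domain) == skeleton(known):
            return known
    return None

def provenance_flags(msg, history):
    """Relationship-level anomalies for one message, judged against the baseline of earlier traffic.
    Messages are dicts with 'sender', 'thread' and 'kind' (quote, invoice or bank_change)."""
    domain = msg["sender"].split("@")[1]
    seen_domains = {m["sender"].split("@")[1] for m in history}
    thread_domains = {m["sender"].split("@")[1] for m in history if m["thread"] == msg["thread"]}
    registered = DOMAIN_REGISTERED.get(domain)
    flags, known = [], lookalike_of(domain)
    if known:
        flags.append(f"lookalike domain {domain} resembles {known}")
    if msg["sender"] not in {m["sender"] for m in history}:
        flags.append("first-time sender")
    if registered is None or (TODAY - registered).days < 90:
        flags.append("domain registered less than 90 days ago or unknown")
    if thread_domains and domain not in thread_domains:
        flags.append("new participant in an existing thread")
    if msg["kind"] == "bank_change" and domain not in seen_domains:
        flags.append("payment-instruction change with no prior exchange from this domain")
    return flags

HISTORY = [  # constructed baseline of earlier, legitimate traffic
    {"sender": "quotes@acme-supply.com", "thread": "RFQ-1182", "kind": "quote"},
    {"sender": "ap@northbank-finance.com", "thread": "INV-771", "kind": "invoice"},
]
SUSPECT = {"sender": "quotes@acme-suppiy.com", "thread": "RFQ-1182", "kind": "bank_change"}
```

Running `provenance_flags(SUSPECT, HISTORY)` returns all five flags for the fabricated bank-detail change, while the same request from the real supplier domain in its own thread returns none; in production the registration lookup and baseline would come from RDAP and the mail archive rather than the inline tables.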


Threat narrative

Attacker objective: obtain goods or payments by manufacturing a trusted business relationship that never existed.

  1. Entry occurs when attackers register lookalike domains and seed the conversation with a convincing request that appears to come from an existing stakeholder in the transaction.
  2. Escalation happens as the attacker adds more fake participants, uses AI-written replies to sustain the thread, and elicits missing operational details that make the fraud look more credible.
  3. Impact is achieved when the target sends goods, releases funds, or changes banking instructions based on a fabricated relationship chain that has been made to appear routine.



NHI Mgmt Group analysis

Multi-party fraud is an identity problem disguised as email abuse. The article shows that attackers are no longer relying on one spoofed sender or one malicious link. They are constructing believable business relationships across multiple fake identities, which means the control failure sits in trust validation, not just message inspection. The practitioner implication is that relationship provenance must be treated as part of identity governance.

Relationship fraud creates a governance gap between communication trust and transaction authority. Accounts, sales, legal, and operations teams are being asked to act on conversational cues that can now be manufactured at scale. That breaks the assumption that a plausible request is a legitimate request. The implication is that approval workflows need stronger evidence of counterpart authenticity before business action is taken.

Behavioural AI is becoming the control plane for fraud detection because static controls cannot model transaction context. Legacy secure email gateways are tuned to known bad indicators, but multi-party scams succeed by looking routine and business-like. This is where the named concept of conversation provenance matters: organisations need to know whether the relationship, the thread, and the request history all align. The practitioner implication is to govern communications by context, not just content.

Phishing-as-a-service turns social engineering into a repeatable operating model. The article’s point is not only that attackers are more persuasive, but that they can now industrialise impersonation, credential harvesting, and campaign variation with little skill. That changes the defensive baseline for IAM and fraud teams alike. The implication is that resilience now depends on detecting coordination patterns, not hoping for human suspicion alone.

From our research:

  • 80% of organisations report their AI agents have already performed actions beyond their intended scope, including accessing unauthorised systems (39%), inappropriately sharing sensitive data (31%), and revealing access credentials (23%), according to the AI Agents: The New Attack Surface report.
  • Only 52% of companies can track and audit the data their AI agents access, leaving 48% with a complete blind spot for compliance and breach investigation, according to the same report.
  • For a broader NHI governance lens, see NHI Lifecycle Management Guide for how lifecycle controls reduce exposure across machine identities and access paths.

What this signals

Relationship fraud is increasingly a governance failure, not just a security detection problem. As attackers use AI-written communication to simulate legitimate business exchange, organisations need controls that validate counterpart provenance, transaction context, and approval authority before action is taken. The practical shift is toward identity-aware fraud controls that sit closer to operations.

Conversation provenance: the next control boundary is whether a thread is real, not whether a message looks malicious. That means finance and legal workflows need to treat domain age, participant history, and request sequencing as first-class risk indicators, especially where payment release or shipment occurs.

With 80% of organisations already reporting AI agents acting beyond intended scope in other contexts, per AI Agents: The New Attack Surface report, the broader lesson is that trust boundaries are collapsing across both human and machine-mediated processes. Identity teams should prepare for fraud workflows that blend social engineering, automation, and impersonation in one chain.


For practitioners

  • Require transaction provenance checks before payment release: confirm that the sender domain, counterpart identity, and request path all match known records before releasing funds or changing banking details.
  • Add relationship baselines to fraud monitoring: track first-time correspondents, unexpected domain registrations, new email applications, and unusual thread structures as fraud indicators across finance and operations.
  • Train frontline teams on missing-details manipulation: teach staff not to supply process fragments such as payment instruction formats, approval language, or workflow wording to unverified contacts.
  • Escalate suspicious multi-party threads to manual verification: route any payment, order, or credit request that involves newly created domains or unfamiliar participants to a separate verification step before action.

Key takeaways

  • Multi-party fraud works because attackers can fabricate the relationship, not just the message.
  • The article shows how lookalike domains, generative AI, and phishing-as-a-service combine to make fraud look operationally routine.
  • The right response is to verify transaction provenance, not to depend on human suspicion or legacy email filters.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

NIST CSF 2.0 and NIST Zero Trust (SP 800-207) set the governance and control requirements practitioners need to meet.

Framework                    | Control / Reference | Relevance
NIST CSF 2.0                 | DE.CM-1             | Behavioural monitoring is central to spotting fabricated communication patterns.
NIST Zero Trust (SP 800-207) | PR.AC-1             | Transaction authority should not be granted based on unauthenticated context.
NIST CSF 2.0                 | RS.AN-1             | Multi-party fraud needs fast triage once a suspicious thread is detected.

Monitor communication anomalies continuously and route suspicious transaction threads to investigation.


Key terms

  • Multi-party fraud: A fraud pattern where attackers impersonate several legitimate participants in the same business process to create false trust. The goal is to make one request appear validated by others, so the target accepts it as routine rather than suspicious.
  • Conversation provenance: The evidence that an email thread, participant set, and request history genuinely belong to the business relationship being claimed. In practice, it combines domain age, sender history, and transaction context to distinguish a real exchange from a fabricated one.
  • Phishing-as-a-service: A commoditised attacker model that supplies ready-made infrastructure for running phishing and related social engineering campaigns. It reduces the skill needed to launch fraud by automating email delivery, credential capture, and campaign management.

Deepen your knowledge

NHI governance, agentic AI identity, and machine identity lifecycle are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are responsible for identity security strategy or NHI governance in your organisation, it is worth exploring.

This post draws on content published by Abnormal AI: key insights on multi-party email scams, RFQ fraud, and AI-powered detection. Read the original.
