Internet of Things (IoT) security becomes of great importance, as IoT is the foundation for many emerging services. To safeguard IoT security, cryptosystems at upper layer relying on sophisticated key management alone can face many challenges due to the massive deployment of resource constrained machine-type communication (MTC) devices. Physical layer (PHY) security can complement and enhance IoT security, by exploiting the characteristics of the bottom layer. In PHY security, channel state information (CSI) estimated through reverse pilot training is essential for the sender to select appropriate beamforming/precoder, which however is also vulnerable to adversaries. An adversary can actively launch pilot contamination attacks to affect the channel estimation and improve its signal reception quality. In this paper, we propose a relay-aided vectorized (RAV) secure transmission scheme, to safeguard the downlink communication in IoT networks under potential pilot contamination attacks. The proposed scheme does not distinguish the pilot sequences sent from an adversary and the receiver; and the sender utilizes what it receives to estimate the CSI for beamforming/precoder design. Then, a set of data symbols are presuperposed using a random complex matrix to form signal vectors to send. Through cooperation with a relay, the signal vectors can be recovered by the intended receiver whereas the adversary or the relay cannot, as proved through security analysis. The simulation results also demonstrate that the bit error rate (BER) of the adversary is 0.5 regardless of its channel quality, indicating perfect secrecy is achieved.