Chemical manufacturing company Orion has revealed it has lost $60m in a business email compromise (BEC) scam.
In a filing to the US Securities and Exchange Commission (SEC), the Luxembourg-headquartered firm said a non-executive employee was tricked into transferring the funds to third-party accounts.
“On August 10, 2024, Orion S.A. determined that a Company employee, who is not a Named Executive Officer, was the target of a criminal scheme that resulted in multiple fraudulently induced outbound wire transfers to accounts controlled by unknown third parties,” Orion stated.
No further details on the BEC attack were provided in the filing, dated August 12.
Orion said it is working with law enforcement to pursue the recovery of the funds through all legally available means, including potentially available insurance coverage.
There is no evidence of additional fraudulent activity or that any unauthorized access to company systems or data was gained by the attackers.
BEC Among the Costliest Attack Vectors
In a BEC attack, fraudsters contact employees who have access to an organization's funds, normally impersonating a senior executive, and ask them to transfer large sums to an account.
The FBI's Internet Crime Report 2023 found that BEC attacks cost US businesses $2.9bn in 2023, making BEC the second most damaging internet crime.
Insurance firm Coalition revealed in April 2024 that BEC and funds transfer fraud (FTF) were the top two events leading to cybersecurity insurance claims in 2023.
These attacks have been enhanced by the development of deepfake technology, which allows fraudsters to accurately impersonate the voices of senior business leaders in phone calls.
Additionally, generative AI tools have been used to create convincing fake emails for BEC attacks.
Law enforcement have had some success in recovering funds stolen through BEC scams. In August 2024, police were able to recover nearly all of the $42.3m stolen from a Singaporean commodity firm after scammers impersonated a legitimate supplier.