A bank transfer fraud cost this company millions – here’s how you can protect yourself
Orion SA, a global supplier of carbon black (a solid form of carbon), announced that it had fallen victim to a sophisticated fraud and transferred $60 million to the fraudsters’ accounts.
The company confirmed the fiasco in an 8-K form it filed with the U.S. Securities and Exchange Commission (SEC) on August 10.
In the document, the company stated that an employee (not a member of senior management) had been targeted by criminals: “On August 10, 2024, Orion SA determined that an employee of the company, who is not a named senior executive, was the target of a criminal scheme that resulted in several fraudulent outgoing transfers to accounts controlled by unknown third parties.”
Insurance coverage
Orion did not provide any further details about the attack, but since it involved multiple electronic transfers initiated by an employee, it is safe to assume that it was a Business Email Compromise (BEC) attack.
In BEC attacks, a threat actor either gains access to an executive’s email account or can impersonate an executive through typosquatting.
They then contact an employee who has access to company funds and try to persuade them to make a payment. Sometimes they claim that the company is buying a competitor and the whole process must be done quickly and quietly to avoid attracting the attention of the media or other companies, as this could jeopardize the deal. In some cases, the scammers even call the victims to persuade them to make the transfer faster.
BEC attacks work exceptionally well, especially in large organizations where many employees never meet their leaders and don’t know how they speak or behave. In fact, some reports claim that BEC is one of the most devastating forms of cybercrime, along with ransomware.
Orion said it had thoroughly investigated the case and found no further fraudulent activity or theft of confidential company data. However, the company stressed that law enforcement authorities had been notified and would work to recover the funds, “including any insurance coverage that may be available.”
About TechCrunch