In a sobering reminder of the rising threat of cyber-enabled financial crime, international manufacturing giant Orion has revealed that it recently lost $60 million USD in a Business Email Compromise (BEC) scam — one of the largest known losses to date involving a single employee.

The scam, which targeted a non-executive staff member in the company’s finance department, exploited a mix of social engineering and email spoofing to redirect corporate funds intended for legitimate vendor payments.

How the Attack Unfolded

According to a statement released by Orion’s internal investigation team, the cybercriminals gained access to internal communications by spoofing the email address of a senior executive and embedding themselves in ongoing email threads related to routine financial transactions.

The attackers instructed the unsuspecting employee to update payment instructions for a foreign supplier, rerouting funds to a fraudulent bank account in Asia. By the time the fraud was discovered, $60 million had already been transferred and laundered across multiple offshore accounts.

Orion confirmed that no ransomware or technical breach was involved — the entire scheme was executed through carefully crafted emails and behavioral manipulation.

A Stark Wake-Up Call

“This incident is deeply distressing and a painful lesson,” said an Orion spokesperson. “Our employee acted in good faith under what appeared to be a normal instruction. It highlights just how sophisticated and believable BEC attacks have become.”

The company is now working closely with law enforcement agencies, cybersecurity experts, and financial regulators to trace the stolen funds and investigate the source of the attack.

FCEN’s Response and Support

The Financial Crime Enforcement Network (FCEN) has urged all businesses — regardless of size — to treat BEC scams as a critical threat to financial infrastructure.

“These attacks don’t just target CEOs — they exploit any access point, especially junior or mid-level employees who are less likely to question internal requests,” said an FCEN analyst. “In today’s world, everyone in an organization must be trained to recognize fraud.”

FCEN is assisting Orion in coordinating with international partners and using advanced tracing tools to identify where the funds were moved. The recovery effort is ongoing.

How to Protect Your Organization

FCEN advises companies to implement the following safeguards:

• Use multi-factor authentication (MFA) for all email accounts

• Verify payment changes via a second communication channel (e.g., phone call)

• Conduct regular staff training on phishing and BEC red flags

• Set up email rules to detect spoofed or lookalike addresses

• Limit access to sensitive financial workflows

If You’ve Been Targeted

If your business has experienced a BEC attack or suspicious email-based fraud attempt:

1. Act immediately — time is critical

2. Visit efincengovs.com

3. Click “File a Complaint” and submit all relevant details (email headers, wire receipts, conversation logs)

FCEN’s investigative and recovery team is ready to assist with tracing and, where possible, recovering lost funds.

Final Word

The Orion case is a harsh reminder that financial fraud is not only a cybersecurity issue — it’s a business continuity threat. As BEC scams grow in scale and sophistication, companies must act faster, train smarter, and invest in protection.

Let this be your warning. And let us help you fight back.
Visit efincengovs.com to report, recover, and secure your future.