$60M Lost: Bank Wire Transfer Fraud + BEC Beat Email Security

August 16, 2024

Texas-based company Orion lost $60 million in a wire transfer scam, where criminals used tactics such as hacked emails and deepfakes to impersonate executives. The FBI warns that this type of fraud is a growing multibillion-dollar threat.


$60 million was recently lost by Texas-based firm Orion to a massive bank wire transfer fraud scam. Unfortunately, this is not an isolated incident. As identified by the FBI, bank wire transfer fraud is a growing multibillion-dollar problem impacting many businesses. Some other newsworthy examples include:

  • Toyota lost $37M to a BEC attack involving invoice fraud
  • Tech Firm Ubiquiti lost $46M via CEO impersonation
  • Scoular Co. lost $17.2M in an acquisition scam via CEO impersonation
  • … and Facebook and Google lost over $100M

What is bank wire transfer fraud, and how does it work?

Bank wire transfer fraud occurs when a bad actor spoofs a vendor to trick an organization into paying a fraudulent account. This type of fraud scheme is usually sophisticated and deployed via email, where the bad actors follow a playbook with the steps below:

  1. They open a real bank account that looks like that of a known vendor of the organization, usually near the location of the vendor's authentic bank account.
  2. They create a new lookalike email address and domain OR have already successfully taken over an employee account at the target organization.
  3. The bad actor sends multiple emails from the lookalike account OR hacked account to another employee in order to establish open communication channels within the organization. At this point, they have not yet attempted to commit fraud.
  4. From there, they wait days, weeks, and sometimes months before they start submitting change requests for payments via email. In many instances, this entails editing past email chains to make it look like the request was previously discussed and approved.

So, you’re probably asking yourself: how does this work? Don’t most organizations have an email security tool, such as a secure email gateway (SEG), that blocks malicious accounts from emailing employees? The answer is yes. Most do have a tool in place. Most security teams have also deployed a behavioral AI email security solution to detect anomalies from “known good” behavior.

Why Email Security is Falling Short

Email security tools, like Secure Email Gateways (SEGs), are designed to detect malicious activity, such as bad links, domains, domain history, or attachments. When there is no malicious activity, there is no reason to set off the alarms, which ultimately allows the bad actors to remain hidden in the system. In addition, when an internal employee account is compromised, SEGs have no reason to block it since it’s not an external threat.  

This brings me to another email security solution type, behavioral AI-based email detection. As with SEGs, these solutions can also leave organizations vulnerable to fraud via email. In this instance, they are ineffective because they rely on a baseline of “known good” behavior, which is exploited by bad actors who avoid setting off signals of fraud early on. They instead focus on blending in by building relationships that look safe within the organization long before they attempt any actual fraud. Moreover, these models often only scan emails, missing key signs of fraud within the broader payment process and payment technology ecosystem.

How to Stop Bank Wire Transfer Fraud and BEC Attacks

Companies require a solution and strategy that covers the full business payment landscape across communication channels and technologies, including ERP systems, to detect suspicious account changes or duplicate invoices tied to a vendor—clues that are often overlooked by email-focused detection alone.
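The account-change and duplicate-invoice clues described above can be checked against payment data rather than email content. The following is an added example, not Trustmi's product code; the vendor record layout, field names, distance threshold and sample requests are constructed assumptions.

```python
# Constructed sample data; the record layout is an assumption, not a real ERP schema.
VENDOR_MASTER = {"acme-supplies.example": "ACCT-CONSTRUCTED-0001"}  # domain -> account on file
PAID_INVOICES = {("acme-supplies.example", "INV-1001", 48000)}  # vendor, number, amount

def edit_distance(a, b):
    """Levenshtein distance, used to spot near-miss (lookalike) domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def match_vendor(sender):
    """Map a sender address to (vendor_domain, is_lookalike), or (None, False)."""
    domain = sender.rsplit("@", 1)[-1].lower()
    if domain in VENDOR_MASTER:
        return domain, False
    for real in VENDOR_MASTER:
        if edit_distance(domain, real) <= 2:
            return real, True
    return None, False

def review_payment_request(req):
    """Return the reasons to hold a request for out-of-band verification."""
    vendor, lookalike = match_vendor(req["from"])
    if vendor is None:
        return ["sender does not match any vendor on file"]
    reasons = [f"sender domain imitates {vendor}"] if lookalike else []
    # Fires even when the mail comes from the vendor's genuine (possibly hijacked)
    # mailbox, the case an email-only filter has no reason to block.
    if req["account"] != VENDOR_MASTER[vendor]:
        reasons.append("bank account differs from vendor master record")
    if (vendor, req["invoice"], req["amount"]) in PAID_INVOICES:
        reasons.append("invoice already paid")
    return reasons

SAMPLE_REQUESTS = [  # constructed
    {"from": "ap@acme-supplies.example", "account": "ACCT-CONSTRUCTED-0001", "invoice": "INV-1002", "amount": 5000},
    {"from": "ap@acme-suppliies.example", "account": "ACCT-CONSTRUCTED-9999", "invoice": "INV-1003", "amount": 72000},
    {"from": "ap@acme-supplies.example", "account": "ACCT-CONSTRUCTED-9999", "invoice": "INV-1004", "amount": 9000},
    {"from": "ap@acme-supplies.example", "account": "ACCT-CONSTRUCTED-0001", "invoice": "INV-1001", "amount": 48000},
]

if __name__ == "__main__":
    for req in SAMPLE_REQUESTS:
        print(req["invoice"], review_payment_request(req) or "release")
```

The third sample request is the one an email-only control passes: the sender domain is genuine, and only the comparison with the account on file exposes the change.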

We know bad actors evolve their malicious activities quickly, often outpacing technology. From wire fraud to BEC and internal threats, your payments are at risk, but they don’t have to be. Trustmi’s CEO and former CISO at one of Israel’s top banks, Shai Gabay, worked to develop a solution designed to support finance and security organizations that gives them the tools needed to stop these threats across the full payment landscape, including email. Contact Shai here today to learn how to protect your business.

Trusted by Finance and Security Leaders

“Trustmi provided transparency into our payment process to see where cyberattacks and errors were happening and full protection without changing our workflow.”

“Like many businesses today, we’ve experienced cyber attacks on our payment process, but we didn’t realize the extent to which we were at risk until we evaluated Trustmi. Now we’re confident we’ll be able to avoid future attacks with their platform.”

“Trustmi’s platform is an important tool for our team. Their Payment Flows module increases our payment cycle security, and our team has also managed to cut down the time for preparing payments reports from half a day to half an hour.”

$200 Billion Secured

Protecting businesses globally against socially engineered fraud and errors.

Zero Compromise

Stops fraud without disrupting legitimate payments.
