Phishing remains the #1 way attackers breach organizations. These scams are evolving—using AI, urgency, and emotional manipulation to trick users. KnowBe4 reports a 17.3% increase in phishing emails, with over 80% using AI to bypass filters. At Envision IT, we help companies build a culture of vigilance.
Behind the Breach: Orion Chemical Manufacturing BEC Attack (2024)
In one of the largest Business Email Compromise (BEC) losses ever reported, a non-executive employee at Orion Chemical Manufacturing was tricked into transferring $60 million to fraudulent accounts. The scam relied on a convincing phishing email that mimicked legitimate payment instructions.
This incident could have been prevented with a simple verification step—confirming the request through a secondary channel like a phone call or internal messaging. It’s a powerful reminder that scam awareness and process discipline are just as critical as technical defenses.
Common Red Flags:
- Urgent language (“Act now!”)
- Suspicious links or attachments
- Unfamiliar senders or spoofed domains
- Requests for sensitive info
How to Stay Safe:
- Hover over links before clicking.
- Verify unexpected requests via a separate channel.
- Report suspicious emails to IT immediately.
Make It Easy:
- Run regular phishing simulations.
- Use email filtering tools like Microsoft Defender for Office 365.
- Share real-world examples during team meetings.
For IT Leaders: Invest in user training and awareness platforms. Track phishing metrics and celebrate improvements.
Phishing is preventable—but only if your people know what to look for. Empower them to spot the scam before it hooks them.