Email security

Zephyr Energy loses £700,000 in payment fraud attack

Scam fraud security warning crime internet technology phishing online alert digital risk protection threat background with danger message spam cyber concept hacking attack email sms caution symbol

British oil and gas company Zephyr Energy reported a significant financial loss after a cyberattack resulted in the theft of £700,000 (approximately $1 million) from one of its U.S. subsidiaries. The funds were diverted from a payment intended for a contractor into an account controlled by hackers, based on information published by TechCrunch.

The incident, disclosed in a regulatory filing, involved a business email compromise attack where cybercriminals likely infiltrated email or accounting systems to alter payment details. This allowed them to redirect funds meant for a contractor to their own account.

While Zephyr Energy stated its operations remain unaffected and it is working with banks to recover the money, the FBI's latest report indicates that business email compromise attacks are a leading cause of financial crime, with victims losing over $3 billion in 2025 alone. Zephyr Energy has since implemented additional security measures beyond its industry-standard practices.

Source: TechCrunch

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds