News / Alert on cyber criminals that go phishing and then reel in shipping firm victims

© Khunaspix Dreamstime.

Spam and ‘phishing’ emails are perpetually on the rise throughout the online universe, and the freight and shipping sector is no exception.

According to new research from CyberKeel, a maritime cyber security consultancy, 18 of the world’s largest 20 container carriers are vulnerable to a particular type of internet fraud known as “clickjacking”, which has become very popular amongst cyber criminals setting up fake websites to steal bank details.

Lars Jensen, CyberKeel chief executive told The Loadstar: “There’s not a tool you can put in place to stop people clicking the wrong links.

“There are, however, some simple tools carriers can use to make it more difficult for fake versions of their websites to be created and reduce the risks for their customers, but technically this type of cybercrime is actually an attack upon shippers.

Typically, a fraudster creates a fake version of a website a shipper arrives at via a phishing email, and once a username and password have been entered and recorded, the visitor is redirected to the genuine website and continues their business oblivious that these details have been stolen.

“A few months later there is suddenly an invoice, for say, five containers booked from X to Y, that they have never heard off,” Mr Jensen said.

He added that there were no credible statistics to indicate how widely this type of cybercrime had perpetrated the container shipping industry, “but it’s a method widely used in other fields, especially banking”.

Additionally, Israeli specialist Clearsky Cyber Security, which partners CyberKeel, this month uncovered a “large scale campaign” to impersonate shipping and banking websites, to which a New Zealand shipping company had fallen victim.

Mr Jensen continued: “Container carriers typically spend significant resources verifying the identity of a shipper before he is allowed to use the full suite of e-commerce tools. This is only natural, as such access typically results in the ability to book cargo, amend shipment information as well as submit information related to bills of lading and other freight documentation.

“It is therefore of significant concern to both carriers and shippers that relatively simple types of attack can compromise such access. Unauthorised access can, at worst, be used to steal detailed shipment information, arrange transportation for illicit cargo, make fraudulent amendments to freight documents and steal the cargo itself.”

The same research discovered that every one of the 11 maritime news sites it surveyed were vulnerable to the same risk.

As Mr Jensen noted, websites can prevent clickjacking by “using slight technical changes in their website setup”, such as using a frame-breaking functionality which can stop fraudsters framing the genuine site.

Of course, clickjacking is just one type of cyber threat to the shipping industry – a comprehensive list of other threats, how they operate and recent examples of how they have afflicted shipping can be found in a CyberKeel white paper, which found last October that 37 out of the 50 largest container shipping companies were vulnerable to what it called “relatively simple penetration attacks”.