Freight and transportation are the pillars of the global supply chain, and any hiccup in services can be disastrous to the global economy. The shipping sector’s overreliance on IT and electronic trading platforms, supply chain communications, and documentation has made it a lucrative target for cybercriminals. With so many players in the industry under pressure to secure new business channels and partner relations, these companies sometimes overlook due diligence when transacting with service providers and suppliers, making it fertile territory for fraud.
Double-Brokering Phishing Attacks
In addition to ransomware and other malware attacks on the shipping industry, phishing attacks, particularly double-brokering fraud, have increased exponentially in the last few years. Double brokering is the predominant worry among freight brokers, with 50 percent calling it their top concern.
The scam starts with a fraudster using an impersonated transportation company domain to launch a targeted phishing campaign against a shipper. Using motor carrier details makes it look legitimate. The phished victims reply to the fraudster with all shipping details, including the load information, where it needs to be picked up, the destination and weight, and the final freight charges. The fraudster offers the service at a discounted price to bag the contract, then engages a legitimate cargo carrier to ship the load at a lower price, pocketing the difference. Sometimes fraudsters will accept payment from the shipper but fail to pay the carrier.
Victims fall for double-brokering fraud because many transportation companies do not have a website. Fraudsters fill that gap by setting up a website in the company's name and impersonating it to conduct their malicious transactions.
The consequences are not only financial. If the fraudster hires a disreputable cargo carrier with a poor safety rating, they may delay, damage, or lose the shipped goods, inviting legal trouble, increasing product costs and creating further delays. The shipper may also face additional costs if the shipment is not adequately insured.
In a few cases, victims unknowingly click on malicious links in the phishing email, compromising login credentials and giving cybercriminals access to entire internal systems. In such cases, the criminals may alter shipment data and launch ransomware attacks on the victim company by holding their network hostage.
Shipping Phishing Away
Shippers must validate the freight brokers they work with by verifying their license and insurance to ensure the safety of their shipped goods and avoid double-brokering fraudsters. With the increased use of AI, phishing has advanced to become highly sophisticated, creating more convincing and evasive attacks with higher success rates. The following are ways in which shipping companies can safeguard themselves against phishing and other cyberattacks:
- Deploy zero trust. A zero-trust security policy, relying on the tenet that nobody inside or outside the company should be trusted by default, can help organizations protect sensitive information and deter security incidents. It uses the principle of least privilege to give users and machines only the minimum permissions required to complete their tasks.
- Enhance AI defenses to protect emails. Email authentication protocols such as SPF, DKIM, and DMARC can confirm that an email originated from the domain it claims to come from, collectively mitigating email fraud and phishing attacks. But attackers can still use look-alike addresses to evade these defenses. Through AI-based defenses, including natural language processing and anomaly detection, organizations can better block phishing threats in real time. AI can continuously learn from new information and events, refining its detection capabilities.
- Establish incident response plans. Implement a well-rounded incident response plan to ensure operations remain uninterrupted. This plan must identify procedures for the detection of, response to, and recovery from cyber incidents. Organizations should test the plan regularly in real-world settings to ascertain its effectiveness. They must evaluate risks and vulnerabilities across the complete supply chain, from third-party logistics companies to internal systems, and ensure there are no weak links.
- Raise cybersecurity awareness. Regular simulated phishing exercises will train employees to identify the hallmarks of a suspicious and potentially malicious email, text, voice, or video request, respond appropriately to phishing attacks, and stay current on social engineering tactics.
- Seek industry collaboration. Securing the global supply chain is a collective effort where all players must unite in an environment of cooperation. Organizations must work in close collaboration with other industry players and become part of shared groups, such as the Maritime ISAC (Information Sharing and Analysis Center), to exchange threat information and learn from industry colleagues.
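The email-authentication point in the list above, as an added example that is not part of the original article: a DMARC pass only shows that a message came from the domain it claims, so a look-alike of a partner's domain has to be caught by comparing the sender against known carriers. The carrier domains, sample messages and function names are constructed for illustration, and the `Authentication-Results` header is assumed to have been written by your own mail gateway.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed allow-list of partner carrier domains (assumption, not from the article).
KNOWN_CARRIERS = {"acme-freight.example", "northstar-logistics.example"}
# Character swaps commonly seen in look-alike domains; hyphens are dropped.
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "-": None})

def skeleton(domain):
    """Fold visually confusable characters so near-identical domains compare equal."""
    return domain.lower().translate(CONFUSABLES).replace("rn", "m").replace("vv", "w")

def edit_distance(a, b):
    """Levenshtein distance, used to catch one-character typo domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(raw_message):
    """Combine the DMARC verdict with a look-alike check on the From domain."""
    msg = message_from_string(raw_message)
    domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    # Assumes Authentication-Results was stamped by your own receiving gateway.
    m = re.search(r"\bdmarc=(\w+)", msg.get("Authentication-Results", ""))
    dmarc = m.group(1).lower() if m else "none"
    if domain in KNOWN_CARRIERS:
        return "trusted" if dmarc == "pass" else "unauthenticated-known-domain"
    for known in sorted(KNOWN_CARRIERS):
        if edit_distance(skeleton(domain), skeleton(known)) <= 1:
            return "lookalike-of:" + known  # a DMARC pass does not clear this
    return "unknown-sender"

def sample(sender, dmarc):
    """Build a constructed test message with the given From and DMARC result."""
    return (f"Authentication-Results: mx.shipper.example; dmarc={dmarc}\n"
            f"From: Dispatch <{sender}>\nSubject: Load tender\n\nRate attached.\n")

if __name__ == "__main__":
    for sender, dmarc in [("ops@acme-freight.example", "pass"),
                          ("ops@acme-freight.example", "fail"),
                          ("ops@acrne-freight.example", "pass"),
                          ("ops@acmefreight.example", "pass"),
                          ("ops@unrelated-shop.example", "pass")]:
        print(f"{sender:32} dmarc={dmarc:4} -> {classify(sample(sender, dmarc))}")
```

The look-alike verdict is a prompt to confirm the broker or carrier through an independently obtained contact before tendering a load, not proof of fraud on its own.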
Technology has introduced major efficiencies to the shipping sector. However, it has also created new cyber threats and incidents, such as double-brokering fraud, that threaten international trade and critical services. The sector must protect its ecosystems from cyberattacks by providing employee training, adopting AI-based security defenses, and working with peers and experts to operate seamless global supply chains.