Seatrade Maritime is part of the Informa Markets Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

How a simple phone call can stop cyber-fraud

Photo: Julian Hochesang - Unsplash julian-hochgesang-Dkn8-zPIbwo-unsplash.jpg
With the digital revolution the humble telephone increasingly just gathers dust on people’s desks, but insurers ITIC say it is a useful tool against in combating cyber-crime.

The International Transport Intermediaries Club (ITIC) flagged up how making a simple phone call can avoid fraudulent payments being made to cyber-criminals.

The insurer gave the example of how cyber-criminals infiltrated communications between a ship manager and a shipyard over payments for repair works.

The ship manager had already received an email from the yard detailing payment for the first instalment of repair work, a day before the payment was due a second email was received by the manager saying the payment routing had changed due to a “certain difficulty”. The manager did not notice the email address had been spoofed with part of it changed from “irn” to “im”.

A new invoice was received, on the same template, and the manager made payment, thinking that they had paid the shipyard but in fact the monies were sent to fraudsters. The cyber-criminals even sent a receipt of payment, which appeared to come from the yard.

A few days later a second invoice from the yard was also intercepted by the cyber-criminals, and same process with a fake invoice repeated.

“In total, the ship manager paid $500,000 to the fraudsters and, as the yard had received nothing, they claimed this amount from the ship manager. With ITIC’s involvement, the claim was reduced to $360,000 to reflect that the yard was partly at fault for not operating secure internal systems. ITIC settled the claim,” the club explained.

A simple phonecall made to the yard to confirm changes in bank details could have avoided the fraudulent payments. ITIC also stressed companies should use a number they trust for such verification purposes, and not the one that is stated on the potentially fraudulent invoice.

Hide comments
account-default-image

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish