The transportation industry, like other sectors of the economy, is increasingly becoming a target for cyber criminals, who are using fake emails to extort funds. One of the common methods is so-called email fraud or phishing, where criminals impersonate employees or contractors to redirect payments to their account. The application of this method in transportation is particularly effective due to the high frequency of transactions and the international nature of cooperation, which often complicates the detection of fraud.
How does extortion work on a fake email address?
The mechanism of this type of fraud is relatively straightforward.
“Criminals impersonate a person or company (most often a service or goods provider) in order to intercept a payment that is supposed to go into the bank account of the actual recipient. Criminals gain access to email accounts or create an email address that is strikingly similar to the real one (for example, with a slightly changed letter or domain extension), and then send a transfer instruction to the “new” bank account,” explains Paulina Eliasz-Pietrusewicz, legal advisor with TC Law Firm.
Typically, such schemes involve fraudulent invoices – the fraudster sends an email with an invoice that looks like the original one, often with seemingly authentic sender’s details, but with a fabricated account number.
Cloning instructions for bank account changes are also risky – criminals inform that the supplier’s bank account has changed and ask for funds to be transferred to a new, fake account.
“Criminals often impersonate management. The criminal sends a message, impersonating a board member or financial director, ordering an urgent transfer to the given account,” Eliasz-Pietrusewicz states.
There was a recent case in Poland where a transport company fell victim to such fraud. After receiving a message from an email address where the sender was impersonating a key supplier, the company transferred the payment to a fake account in another country. The criminals exploited a gap in email security and lack of payment verification procedures.
The case eventually ended up in court. The carrier sued its contractor, who sent the compensation to the account number indicated in the fraudulent email, instead of the account number on the invoice. The contractor argued that they received an invoice with a new account number from the same email address where they used to get emails from the carrier. That’s why they assumed fulfilled the obligation and that there was no need to pay twice for the same service. However, the court found the contractor responsible for verifying the transfer data and should have been more cautious. Even if he fell victim to fraud, he did not fulfill his obligation to the carrier. Since the contractor did not exercise special caution in verifying the account, he should pay the plaintiff again, who did not receive the transferred funds. (Judgment of the District Court in Kalisz of November 30, 2022, file number: V GC 460/18)
Why is transport particularly vulnerable to fraud?
The reason for this state of affairs is seen by the legal advisor from TC Law Firm in the specifics of the TSL sector:
“The transport industry involves frequent and fast international transactions. Orders are executed in different countries and on a large scale, making it more difficult to track all payments and communication. under these conditions, it is difficult to detect fake messages, especially when criminals prepare a message perfectly – for example, attaching documents that look like real invoices and bills of lading,” says Paulina Eliasz-Pietrusewicz.
In addition, transport requires cooperation with many partners, increasing the chance that fraud will be overlooked. Criminals often take advantage of moments when companies are under pressure, e.g., from the need for a quick delivery or payment for services on time, to create a rush and reduce the chance of data verification.
How to protect against fraud on fake email addresses?
Protection against phishing and fraud in the transport industry requires a range of precautions and the implementation of special procedures. The first and basic line of defense is education, including training for employees. They must know how to recognize potentially suspicious emails, especially those containing payment instructions. Verification of changes in payment data is also important – each notification of changes to a bank account should be verified by phone contact with the person who issued the invoice. This becomes particularly crucial when a message appears unexpectedly or from a contractor with whom contact has been infrequent so far. Furthermore, any changes in a bank account or payment terms should go through a person dedicated in the company that is responsible for verifying these details. Financial department employees should be trained to treat every unusual request for data change with caution and verify the authenticity of the notification.
Secure communication channels are also crucial. Using financial management systems with two-factor authentication (2FA) and appropriate safeguards can help prevent situations where someone gains access to confidential information or takes over email communication.
We should also pay attention to the regular monitoring of changes in data of suppliers and customers – this may help detect fraud sooner. In case of any suspicions, all contact details should be checked thoroughly to exclude possible fraud.
Source: https://managerplus.pl/cyberzagrozenia-w-transporcie-jak-branza-tsl-staje-sie-celem-wyludzen-finansowych-38935
