Cybersecurity

How to protect the global supply chain from phishing scams

Best global connection of Industrial Container Cargo freight ship for Logistic Import Export background phishing

phishing Image: Getty Images/iStockphoto.

Blake Darché
Head of Cloudforce One & Threat Intelligence, Cloudflare
  • Disruptions to the global supply disruptions, particularly from cyberthreats, can have catastrophic consequences for the economy.
  • Freight and transportation companies, the backbone of the global supply chain, need to increase their focus on cybersecurity to avoid reputational and financial damage.
  • Advanced machine learning and artificial intelligence can help uncover phishing schemes to help organizations stay on top of attempted cyberthreats.

The supply chain is a highly interconnected ecosystem of suppliers, manufacturers, logistics, retailers and finally, consumers. The exchange of goods and the flow of transportation between all of these various groups is the backbone of our global economy. But if disrupted, our interconnected world could face all types and levels of chaos – from stolen Christmas presents to empty shelves in grocery stores or hospitals being unable to get their hands on life-saving supplies.

It is imperative that organizations prepare for significant cyber incidents. A new white paper from the World Economic Forum, in collaboration with the University of Oxford, unpacks the concept of cyber resilience, outlining the evolution of the cyber paradigm and highlighting that cyber resilience is an organization’s ability to minimize the impact of significant cyber incidents on its primary goals and objectives.

Have you read?

Although it may not be your typical headline-grabbing attack on a household name, freight and transportation organizations have been facing growing cyberthreats. Over the past several months, Cloudforce One has been actively monitoring impersonation attempts of transport and freight organizations, whereby a threat actor will create a fake company and trick victims into loading the necessary details to enable them to intercept or disrupt the transaction. These scams, also known as double brokering scams, have been rising rapidly in the last few years, with one freight solution provider having seen a 400% increase in complaints since 2022.

What is double brokering and why is it so prevalent?

Double brokering was found to be the number one type of fraud that worries freight brokers most, with 50% placing it as their top concern. During a double brokering attack, threat actors impersonate a freight organization, acting as a middleman between the sending and receiving companies. This type of scam has become incredibly common due to the high volume of transportation companies that exist, many of which don’t have a website, making it even easier to impersonate – i.e. threat actors can set up a website in their name to conduct their fraudulent transactions.

Double brokering scams are almost always initiated through a phishing email. Based on how prevalent email is, and the fact that phishing exploits human behaviour instead of technical vulnerabilities, threat actors can more easily carry out malicious activity and bypass security protocols.

In successful instances, the victim replies with the load information, including picked up details, the destination and the quantity and weight of the package. The threat actor then bids on the shipment by offering a discounted price, enticing the victim to accept it. Once the offer is accepted, the threat actor then offers a legitimate cargo carrier for the shipment at a lower price and pockets the difference.

Aside from financial loss, these types of attacks can lead to the reputational damage of cargo carriers – with poor reliability or safety ratings, delayed shipments or damaged and lost goods.

What can transportation companies do to protect themselves against this threat?

1. Build security awareness to minimize risks

The first line of defence to help prevent double brokering is simple: awareness. While this is not a foolproof defence, the human element of phishing calls for a human defence. For example, recipients should verify the legitimacy of the sender by first analysing the domain that it is sent from. Threat actors often create fraudulent domains by adding “LLC” or “INC” at the end of a legitimate company name. For example, if xyzshipping.com is the legitimate domain, the threat actor would slightly alter it and use xyzshippingllc.com.

These emails have become increasingly convincing due to threat actors including the motor carrier number of a legitimate transport company to request full information about the load. These convincing details and brand impersonation make these emails appear to be legitimate in the eyes of the victim.

2. Acknowledge that technology is only part of the solution

Email security tools designed to detect, block and isolate phishing threats can significantly reduce the risk of double brokering scams. But most tools are not as effective as we’d like them to be – with about 89% of unwanted messages having “passed” the three most common email authentication checks: DMARC, DKIM and SPF. These are the email authentication methods that help prevent spammers, phishers and other unauthorized parties from sending emails on behalf of a domain they do not own.

That being said, leveraging advanced machine learning (ML) and artificial intelligence (AI) technology to uncover new phishing schemes, as well as tracking new tactics used by threat actors in real time, will help organizations stay on top of the attempted threats that the organization faces.

3. Invest in cyber resilience

Cyber resilience goes beyond cybersecurity, and it is imperative that organizations prepare for significant cyber incidents in such a dynamic environment, making sure their operations and growth potential are undamaged. This approach encourages them to consider the many ways in which they are vulnerable and how they can limit the potential impacts – whether these arise from their use of information or operational technology, or from the use of digital technology by others in their supply chain or wider ecosystem.

Protecting the global supply chain

Securing the global supply chain is a collective effort that requires the cooperation and collaboration of all parties involved. Organizations need to develop adaptable strategies and leverage shared insights from industry peers to navigate the growing complexities of the cyber landscape. Proactive collaboration and continuous learning will play a vital role in enhancing cyber resilience. As freight and transportation continue to serve as the backbone of our global supply chain, the industry must put increased focus on security to avoid reputational and financial damages. On the flip side, consumers must also remain vigilant when opening emails, so as to identify indicators of fraud.

Cloudflare's Cloudforce One Threat Intelligence Team contributed to this article. Another version of this article is also available on Cloudflare’s platform here.

Loading...
Don't miss any update on this topic

Create a free account and access your personalized content collection with our latest publications and analyses.

Sign up for free

License and Republishing

World Economic Forum articles may be republished in accordance with the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International Public License, and in accordance with our Terms of Use.

The views expressed in this article are those of the author alone and not the World Economic Forum.

Stay up to date:

Cybersecurity

Related topics:
CybersecuritySupply Chains and Transportation
Share:
The Big Picture
Explore and monitor how Cybersecurity is affecting economies, industries and global issues
World Economic Forum logo

Forum Stories newsletter

Bringing you weekly curated insights and analysis on the global issues that matter.

Subscribe today

4 ways to advance equity in cyberspace

Kate Whiting

December 12, 2024

The top cybersecurity stories from 2024

About us

Engage with us

  • Sign in
  • Partner with us
  • Become a member
  • Sign up for our press releases
  • Subscribe to our newsletters
  • Contact us

Quick links

Language editions

Privacy Policy & Terms of Service

Sitemap

© 2024 World Economic Forum