Phishers use freight giant to catch the unwary

Thousands of people have been targeted by a phishing scam impersonating major freight company Maersk, according to fresh data released by Vade.

Customers of the international shipping company were sent emails with the title “Maersk original shipping document” from a faked version of its legitimate email address. Victims were then invited to click through to a bogus portal telling them to enter their own emails and passwords – details that were then harvested by the threat actors behind the scam.

Cybersecurity company Vade said phishing campaigns impersonating Maersk had been detected since 2018, and that the latest wave this year had zeroed in on more than 36,000 recipients in New Zealand. The country’s location makes it vulnerable to supply chain crises, making it also susceptible to cybercriminals impersonating major shipping providers.

And as the world’s largest shipping company until last year, Maersk is a prime choice for phishers seeking a reputable firm to impersonate.

Vade added that the COVID pandemic has exacerbated the situation, as supply lines fall into disarray, making firms and individuals dependent on such services more susceptible to phishing attacks.

Moreover, Russia’s invasion means that cybercriminals could migrate their social engineering campaigns to other industries affected by the conflict in Europe.

“The war brings with it challenges to the global food supply chain, Ukraine being a major supplier of both wheat and sunflower oil,” said Vade. “Not only are hackers impersonating shipping, but [they are] also directly targeting farming and agricultural companies.”

The FBI has warned the food and agriculture sectors of a potential rise in cyberattacks during planting and harvest seasons, after agricultural equipment giant AGCO was hit this month with a ransomware attack. Last month alone, Vade detected a 23% increase in phishing emails worldwide.

More from Cybernews:

'Space pirates' penetrate deep into Russia's aerospace industry

US accuses doctor of designing ransomware

Twitter CEO: we suspend over half a million spam accounts every day

Defenders detected a 28-fold surge in Emotet email spam

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are markedmarked