By selecting UK flag, you have now set your site language to English. If you'd like to change your language preference again, simply click on one of the other flags.

Close

こちら Japan flag を選択して頂くと、言語設定が日本語に切り替わります。設定変更後は以下の機能が利用可能です。

  • 日本語版ウェブサイトへのクイックアクセスが可能となり、日本語の刊行物をご覧頂けます。

  • 日本語版が閲覧可能な刊行物や記事については、日本語が優先表示されます。表示言語については Japan flag をご参照下さい。

閉じる 言語設定を切り替えたい場合には、国旗のマークをクリックして下さい。

By selecting Japan flag, you have now set your language to Japanese. This has several benefits, including:

  • Providing quick access to our Japan page, which collates all our Japanese content in one place.

  • Ensures that content is presented to you in Japanese first, if we have an article, publication or webpage available in Japanese. Look out for the Japan flag indicators across the site.

Close If you’d like to change your language preferences again, simply click on one of the other flags.

点击选择 China flag,可将网站语言设置为中文。这能帮助您:

  • 快速访问我们的中国区页面,该页面将有网站内容的中文汇总。

  • 在我们的文章、出版物或者网页有中文版本提供的情况下,确保首先向您展示的是中文版本的内容。您可关注站点上的 China flag 按键。

关闭 点击任意其他国旗,可切换您的语言偏好。

By selecting China flag, you have now set your language to Chinese. This has several benefits, including:

  • Providing quick access to our China page, which collates all our Chinese content in one place.

  • Ensures that content is presented to you in Chinese first, if we have an article, publication or webpage available in Chinese. Look out for the China flag indicators across the site.

Close If you’d like to change your language preferences again, simply click on one of the other flags.

Cyber Security - Be Aware of Payment Scams

A common scam is for a hacker to pose as a payee in an email trail. The hacker will use a very similar email to a known contact and will ask for a payment to be diverted to a different account to that normally used. We look at a recent case.

Background

In respect of hire payment due under the subject fixture, Charterers received the following email, purportedly originating from the accounts department of Owners of the subject vessel:

“Reference to our previous email, we received a notification from our bank that our Account has been subjected to some tight scrutiny by the Income Tax Dept. and at this moment, we are unable to operate our previous Account, due to which, we cannot use the funds that you will transfer until the scrutiny is released.

Therefore, this might require a change of account for receiving the value of our invoice. On your confirmation that payment has not yet been sent we will forward you our company’s subsidiary bank details with a revised invoice.”

Cyber RiskThe email had seemingly come from the account of the Owners, Charterers duly made payment of two hire payments into, what they believed to be, Owners’ alternative bank account and evidenced, via swift confirmations, that this had been done.

It soon became evident that Charterers had fallen victim to a fraudulent diversion of hire payment. On closer inspection, it transpired the email address had been changed by one letter (for example mrbloggs@steamtank had been changed to mrbloggs@steamtenk – note the change from “tank” to “tenk” – this went unnoticed by Charterers). Two hire payments due to Owners under the fixture totalling over US$100,000 remained unpaid.

Under the terms of the recap, incorporating a SHELLTIME 4 form charterparty, Charterers were obliged to “ARRANGE TIMELY HIRE PAYMENT”. In circumstances where Charterers were in default of this obligation, Owners were entitled, pursuant to clause 9 (a) of SHELLTIME 4, to withdraw the vessel from service if the default was not corrected within 3 days of Owners giving notice to Charterers that payment of hire was late (the “Anti-Technicality Clause”).

Discussions between the parties failed to reach an amicable conclusion and Owners withdrew the vessel and accepted Charterers’ repudiation of the charterparty.

Lessons Learnt

  • The email received, purportedly from Owners, originated from an account very similar to the Owners’ legitimate accounts department. Always check the email address carefully – any changes to the normal address should be treated as suspicious.
  • In all prior correspondence originating from Owners’ accounts department, the email was personally signed off. In the email received from the fraudsters the email was simply signed off as ‘Accounts Department’. This is a clue that something is different – be suspicious in these circumstances.
  • In circumstances where a bank account has been provided for in the charterparty/fixture recap, treat this as the main account into which payment of hire/freight should be made.
  • Do not reply to the email account from which the instruction to make payment into a different account was received. Always use an email address that has been verified as legitimate.
  • Never call the telephone numbers provided for in the suspicious email. Always use a telephone number that has been verified as legitimate.

TelephoneGolden Rule

If you receive an email asking you to pay funds due to a different account telephone your counterpart DO NOT email them – the malware viruses will create automatic email responses that will appear genuine.

Contractual Arrangements

Talk to the other party about what may happen in the event of a cybercrime issue prior to contracting and agree what will happen (and evidence this in the contract) in the event that such an incident may arise.

Where the contract remains silent, charterers bear the risk of paying twice where they have been the target of fraud. Where charterers fail to adhere to hire/freight payment obligations, owners may be justified in withdrawing the vessel from charterers’ service where the contract provides that they are able to do so.

Cyber Security

North’s Loss Prevention Department has launched a dedicated Cyber Risks area on our website, where you can find a number of related articles and LP Briefings.  The new Cyber Risks area can be accessed in the Signals Online section of our website or by following the below link:

 /our-services/loss-prevention/signals-online/cyber-risks/

We would like to thank Mr Allen Marks of Campbell Johnston Clark for his contribution in writing this article.

This website, www.nepia.com, is now in archive and will not be updated with new content. The website will remain accessible for a short time as we complete the transfer of relevant content to the new NorthStandard website (north-standard.com).

If you would like to access the ECDIS training assessment app (ETA), you can still register for app access via MyNorth.

Please head to north-standard.com for the latest industry news, expert analysis and publications, club rules and contacts, and access to our newly launched digital tools specifically designed to support your operations.

TAKE ME TO NORTH-STANDARD.COM