Fraud and Cyber Crime – Emerging Cargo Theft Trends

The ongoing global pandemic has triggered significant changes in the supply chain environment, and cargo thieves have deftly adapted their methods to this new reality. As a result, these resilient and opportunistic criminals pose a grave threat to supply chain security throughout the globe.

The spread of the COVID-19 virus combined with disruptive measures enacted by governments worldwide has inspired criminals to adopt alternative tactics. Increasingly, thieves target facilities over trucks, and a spike in the theft of PPE and related medical goods last year exemplifies the use of these new methods.

Another concerning trend developing over the past year and a half is the rampant use of fraud by cargo thieves. Fraud is not a new phenomenon; however, when combined with cyber-crime, it is a tactic that presents a complex security risk for organizations to manage. In addition, determining the true identity and legitimacy of parties who present themselves as business partners is becoming more difficult.

These new threats may seem daunting, yet businesses can take action to mitigate the impact and challenges of fraud and cyber risk on supply chain resilience.

 

The Evolution of Fraud by Cargo Thieves

Historically, fraud has not been the most prominent method employed by cargo thieves. Criminals have more commonly used other, more straightforward methods such as hijackings or thefts of cargo trucks, pilferage, and facility burglaries and robberies. Fraud on the other hand has been a tactic deployed less frequently around the world. Until now.

In the United States, for example, thieves use a form of fraud known as a “fictitious pickup”. This emerging tactic most commonly involves cargo thieves deceiving employees at shipping facilities and warehouses by posing as truck drivers working for freight transportation companies. In these instances, thieves arrive at a pickup location driving a tractor-trailer, and they are equipped with fraudulent paperwork including proof of insurance and other authentic-looking forms of identity. The information they present closely resembles the information of a legitimate transportation company. In some instances, thieves have inside knowledge about what load to steal and at what location and time a truck should arrive for pick-up. The thieves make what appears to be a completely legitimate pick-up and leave the site with the shipment of goods.

Already one of the more nuanced forms of cargo theft, fraud can fool even the most seasoned employees. It has evolved over the past several months to often be conducted either fully or at least aided by electronic means. The need for companies to operate on  work-from-home basis often increases their vulnerability to various forms of cyber-crime.

Known in some parts of the world as “fake carriers”, thieves in locations like Brazil and Peru in Latin America or in countries across Europe are leveraging services provided via phone applications to deceive organizations. These apps range from person-to-person messaging platforms to even online marketplaces or freight service exchange platforms in which organizations and transporters communicate and negotiate pickups and deliveries of shipments. The apps offer another vector for cargo thieves to pose as legitimate providers and deceive companies into parting with cargo shipments or delivering goods to a waiting group of thieves. In these cases, thieves will represent fake companies and utilize fake documentation such as purchase orders and then use these apps to communicate with companies. From here, thieves follow a similar process where they have the delivery scheduled for a location where thieves are waiting to steal the cargo.

In response to this issue, the French government has modified legislation to regulate these avenues in which companies and transporters can connect. Known as the Mobility Orientation Law (LOM), the recent update to the legislation goes beyond defining both marketplaces and participants. LOM requires users who are active on the platforms to verify their legitimacy by meeting registration and communication requirements. The legislation now holds participants who engage in contractual services through these electronic marketplaces responsible for a range of potential issues that could occur during the execution of the service, such as damage or loss of goods or the arrival of goods outside the designated timeframe. This legislation highlights the growing focus on not only the accessibility and usefulness of these types of online freight transportation service exchange sites, but also the inherent risk that comes with communicating and ultimately conducting business with parties via the internet.

The expansion of fraud via electronic means is of even greater concern as more supply chains fall victim to cyber-attacks. In general, criminals have recently targeted larger supply chains with the use of ransomware, a form of attack in which hackers gain access to and hold hostage key data or software system functions until the victim company pays the specified amount of ransom money. These cyber-attack tactics made big news when they were deployed against the Colonial Pipeline in the United States, three major ocean freight companies between 2017 and 2020, and, most recently, South Africa’s state-owned seaport and rail freight operator that all but halted trade in the country.

In addition to these widely publicised incidents, other attacks have occurred that have not received as much attention but have still resulted in significant disruption for affected companies. In 2020, for example, five major road freight transportation companies in the United States and France fell victim to hacks of personal or proprietary data or ransomware attacks. The European Union also recently highlighted a supply chain cyber-attack that targeted a cloud-based cybersecurity company that provided services for email accounts. In this case, the attack targeted data for acquisition and further exploitation rather than holding information or systems hostage like in ransomware attacks. Criminals could leverage this type of cyber-attack to gain information on shipment details and enable theft operations without the cyber victim even realizing they had suffered a data breach until after the cargo theft.

While these types of disruptive ransomware cyber-attacks that often result in the interruption of business operations are growing in scale and frequency, supply chain criminals have a history of leveraging cyber-attacks to target and exploit the supply chain as far back as at least 2011. In 2013 police at the port of Antwerp in Belgium discovered an ongoing scheme in which a drug trafficking organisation recruited hackers to breach IT systems of the port that controlled the movement and location of containers. Upon acquiring this information on the arrival and location of drug-laden shipping containers, the group would send in cargo truck drivers to pick up the shipments before the actual owner of the consignment arrived. Officials at the port reportedly did discover this issue prior to 2013 and deployed a firewall to prevent further attacks of this nature; however, the drug traffickers adapted and instead broke into the physical premises of the facility and installed key-logging devices on the port terminal computers that enabled the group to bypass the security measures, and continue the scheme.

These attacks on IT infrastructure certainly underscore the risk that the supply chain is now facing from a cyber perspective. They highlight how even large, international companies with the resources to guard against cyber-attacks can still fall prey to hackers. A growing concern in the supply chain community is that criminals may have begun to shift targets and launch cyber-attacks at smaller companies. The intent of this new focus would be to gain knowledge of shipment times, routes, and other information that they can leverage to intercept or fraudulently pickup loads of goods. Although the overall return may not be as large on a single cyber-attack operation as those targeting multinational companies with ransomware, smaller companies often lack the high level of security in place to mitigate cyber risk and therefore present an easier target. These organizations are exposed to the same type of risk despite a smaller financial return for a single theft, because thieves can more easily obtain the necessary information from company systems that allows for a successful theft operation.

In addition, given the complexity of many supply chains, it is also likely that sophisticated hackers could target a business partner downstream to use as a vector for targeting the primary supply chain organisation. As such, companies should prepare and implement measures to guard against both fraudulent and cyber-attack tactics that thieves may launch against them and their partners to carry out cargo thefts. 

 

Decreasing the Risk – Due Diligence Process

It is important to undertake adequate due diligence on any new sub-contractor businesses. Have a process in place to ensure that you are contracting with reputable, reliable businesses and that they will deliver on your service and security commitment to your customer. Fraudulent activity in the haulage industry is a growing concern; bad actors can easily replicate documents and identifications to fool stakeholders into providing them access to valuable cargoes. Implementing a robust and consistent due diligence process will assist in reducing your business’s exposure to fraudulent activity.

Developing an approved contractor list for road transport and only using those businesses is the ideal solution. Risks of fraud increase where urgent, ad hoc shipments are required, and a pre-approved trucker is not available. Due diligence management controls are vital in protecting your business in these instances. Even though there is urgency in the moment, take your time. Do not be pressured into rushing through the process. The risks of handing a cargo to a fraudster are far more significant than not meeting a timed delivery.

Your primary objective with this sort of loss prevention measure is to verify the contractor’s identity. Identity verification combats theft and fraud and protects your interests, including your business’s reputation. While not exhaustive, when conducting due diligence consider confirming the following minimum information, prior to physically auditing the organization:

• Full legal name and registered address of the supplier
• Details of other branches (nationally or internationally)
• Contact details (telephone and email)
• Web address
• The main activity of the supplier
• Verify ownership (and regulations, such as sanctions, where appropriate)
• Legal form (limited company, sole trader, public limited company)
• Company registration number
• Tax (e.g., VAT) registration number
• Key personnel and their roles
• Authority of the individual to sign on behalf of the supplier 

To learn more about managing risk in the supply chain, please watch our recently recorded webinar, created in conjunction with BSI.

 

The Expert View

David Fairnie, BSI Principle Consultant, Supply Chain Security

“We are seeing a significant number of false suppliers acting as genuine potential suppliers in supply chain logistics provision – warehousing, distribution centres, transportation companies – and actually, they are criminal groups utilising technology to fraudulently infiltrate the logistics supply chain.

Arguably today more than ever, you do need to know your suppliers intimately. Knowing your supplier goes back to verify before trusting. First and foremost, when you’re bringing new suppliers onboard, you need to conduct proper due diligence.

Robust due diligence and onboarding is just the start of the journey, to confirm the supplier service capability and capacity, we strongly advocate that you physically audit the supplier. It’s all about being proactive as an organisation to continuously monitor your supply chain risks.”

 

Ian Allman, NMU Risk Control Manager

“As we see with many aspects in our day to day lives, technology eventually takes over. Whilst the concepts are undoubtedly designed to make transactions and the movement of goods between one party and another more simplified, this unfortunately can sometimes increase the vulnerability of supply chains to fraudulent activity.

It seems the more technologically advanced we become, the more sophisticated the organised criminal gangs are in their methods for stealing cargo, to the point where the actual act of theft can now almost go undetected.

The links between cyber-crime and cargo crime are growing ever closer and present new challenges to businesses when it comes to maintaining the integrity of supply chains.

Whether it is spotting fake carriers or potential fraudulent transactions, providing adequate training and developing awareness amongst employees is essential if businesses are to protect themselves from falling victim to this type of crime.”

 

Cyndee Garbrecht, VP Cargo Claims, Roanoke Insurance Group  

The use of fraudulent tactics by cargo thieves is not new, but they are becoming more sophisticated and challenging to detect. For example, identity theft is a tactic that cargo thieves use to perpetrate fictitious pick-ups. Somehow, they even manage to deceive legitimate carriers and warehouse operators into participating unknowingly.

Cargo thieves use other cybercrime tactics such as phishing schemes to dupe logistics providers into releasing cargo and even funds to what appears to be a legitimate party but is not.

Everyone in the supply chain must do their part to mitigate these crimes. Educate your staff on how to spot fake documents and emails is a good start. Implementing a vetting process with all business partners can also help mitigate the risks of fraudulent cargo crime

 

Copyright Roanoke Insurance Group/NMU/BSI 2021

This information is presented as a specialty service offerings through a strategic partnership with BSI Supply Chain Services and Solutions. BSI is a leading global provider of supply chain intelligence, auditing services, audit compliance, risk management software solutions, and loss prevention advisory services. Through this partnership, our clients will have preferred access to risk intelligence and best practice insights to improve overall supply chain security and reduce theft and cargo loss risk. 

Disclaimer: This information is provided as a public service and for discussion of the subject in general. It is not to be construed as legal advice. Readers are urged to seek professional guidance from appropriate parties on all matters mentioned herein.