Subscribe to our Mailing Lists (It's free!)
Wednesday, July 9, 2025
SAFETY4SEA
  • Home
  • Safety
    • All
    • Accidents
    • Alerts
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
    Lessons learned

    Lessons learned: Ensure there are compatible adapters onboard

    Panama IMO

    Panama reaffirms commitment to protection of seafarers’ rights

    IMB piracy

    IMB: 50% increase in piracy incidents in first six months of 2025

    Norway

    Norwegian Maritime Authority: 589 incidents in first half of 2025

  • SEAFiT
    • All
    • Intellectual
    • Mental
    • Physical
    • Social
    • Spiritual
    friendship

    Exploring the human need for friendship: A lifeline at sea and on shore

    neck pain

    Neck pain: A growing health concern for maritime workers

    Book Review: Building leaders the MMMA way

    Book Review: Feel grounded and think positive in 10 simple steps

    time

    Stay SEAFiT: Time is non-renewable – invest it wisely

  • Green
    • All
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
    Trafigura, ZeroNorth join forces to advance decarbonization solutions

    Trafigura, ZeroNorth join forces to advance decarbonization solutions

    COSCO

    COSCO boxship receives first bunkering of domestic green methanol

    AMSA fine

    NorthStandard: Tips to avoid pollution fines in Turkey

    IACS

    IACS reports progress on decarbonisation & digital transformation

  • Smart
    • All
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
    Trafigura, ZeroNorth join forces to advance decarbonization solutions

    Trafigura, ZeroNorth join forces to advance decarbonization solutions

    floating data centres

    New partnership to develop floating data center on retrofitted vessel

    connectivity

    Innovating ocean safety: Intellian’s unified vision for connectivity and GMDSS

    autonomous navigation

    New deal aims to advance autonomous navigation technology

  • Risk
    • All
    • CIC
    • Detentions
    • Fines
    • PSC Focus
    • Vetting
    AMSA fine

    NorthStandard: Tips to avoid pollution fines in Turkey

    OCIMF

    OCIMF Annual Report 2025: SIRE 2.0 a welcome change for the industry

    USCG

    ABS PSC Report Q1 2025: 526 total vessels detained

    paris mou lists

    Paris MoU 2024 Performance lists

  • Others
    • All
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Shipping
    • Sustainability
    • Videos
    newbuildings xclusiv shipbrokers

    Xclusiv Shipbrokers: Newbuilding momentum slows sharply in 2025

    Watch: Avoid the risk of electrocution for shipboard welding

    Watch: Avoid the risk of electrocution for shipboard welding

    charcoal

    BIMCO: Renewable electricity sources lower coal shipments

    carriers

    Sea-Intelligence: Global schedule reliability reaches 18-month high

  • Columns
    GSR Services: The Hong Kong Convention sets the rules for total ship lifecycle responsibility

    NorthStandard: Data sharing to drive technology and improve crew wellbeing

    GSR Services: The Hong Kong Convention sets the rules for total ship lifecycle responsibility

    GSR Services: The Hong Kong Convention sets the rules for total ship lifecycle responsibility

    AMPI: Seafarers face critical risks in pilot transfer rigging

    AMPI: Seafarers face critical risks in pilot transfer rigging

    Trending Tags

    • Anchor Your Health
    • Book Review
    • Career Paths
    • Human Performance
    • Industry Voices
    • Interviews
    • Maripedia
    • Maritime History
    • Regulatory Update
    • Resilience
    • Seafarers Stories
    • SeaSense
    • Training & Development
    • Wellness Corner
    • Wellness Tips
  • Events
  • Plus
No Result
View All Result
  • Home
  • Safety
    • All
    • Accidents
    • Alerts
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
    Lessons learned

    Lessons learned: Ensure there are compatible adapters onboard

    Panama IMO

    Panama reaffirms commitment to protection of seafarers’ rights

    IMB piracy

    IMB: 50% increase in piracy incidents in first six months of 2025

    Norway

    Norwegian Maritime Authority: 589 incidents in first half of 2025

  • SEAFiT
    • All
    • Intellectual
    • Mental
    • Physical
    • Social
    • Spiritual
    friendship

    Exploring the human need for friendship: A lifeline at sea and on shore

    neck pain

    Neck pain: A growing health concern for maritime workers

    Book Review: Building leaders the MMMA way

    Book Review: Feel grounded and think positive in 10 simple steps

    time

    Stay SEAFiT: Time is non-renewable – invest it wisely

  • Green
    • All
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
    Trafigura, ZeroNorth join forces to advance decarbonization solutions

    Trafigura, ZeroNorth join forces to advance decarbonization solutions

    COSCO

    COSCO boxship receives first bunkering of domestic green methanol

    AMSA fine

    NorthStandard: Tips to avoid pollution fines in Turkey

    IACS

    IACS reports progress on decarbonisation & digital transformation

  • Smart
    • All
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
    Trafigura, ZeroNorth join forces to advance decarbonization solutions

    Trafigura, ZeroNorth join forces to advance decarbonization solutions

    floating data centres

    New partnership to develop floating data center on retrofitted vessel

    connectivity

    Innovating ocean safety: Intellian’s unified vision for connectivity and GMDSS

    autonomous navigation

    New deal aims to advance autonomous navigation technology

  • Risk
    • All
    • CIC
    • Detentions
    • Fines
    • PSC Focus
    • Vetting
    AMSA fine

    NorthStandard: Tips to avoid pollution fines in Turkey

    OCIMF

    OCIMF Annual Report 2025: SIRE 2.0 a welcome change for the industry

    USCG

    ABS PSC Report Q1 2025: 526 total vessels detained

    paris mou lists

    Paris MoU 2024 Performance lists

  • Others
    • All
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Shipping
    • Sustainability
    • Videos
    newbuildings xclusiv shipbrokers

    Xclusiv Shipbrokers: Newbuilding momentum slows sharply in 2025

    Watch: Avoid the risk of electrocution for shipboard welding

    Watch: Avoid the risk of electrocution for shipboard welding

    charcoal

    BIMCO: Renewable electricity sources lower coal shipments

    carriers

    Sea-Intelligence: Global schedule reliability reaches 18-month high

  • Columns
    GSR Services: The Hong Kong Convention sets the rules for total ship lifecycle responsibility

    NorthStandard: Data sharing to drive technology and improve crew wellbeing

    GSR Services: The Hong Kong Convention sets the rules for total ship lifecycle responsibility

    GSR Services: The Hong Kong Convention sets the rules for total ship lifecycle responsibility

    AMPI: Seafarers face critical risks in pilot transfer rigging

    AMPI: Seafarers face critical risks in pilot transfer rigging

    Trending Tags

    • Anchor Your Health
    • Book Review
    • Career Paths
    • Human Performance
    • Industry Voices
    • Interviews
    • Maripedia
    • Maritime History
    • Regulatory Update
    • Resilience
    • Seafarers Stories
    • SeaSense
    • Training & Development
    • Wellness Corner
    • Wellness Tips
  • Events
  • Plus
No Result
View All Result
SAFETY4SEA

Malicious emails against shipping companies in last week of December

by The Editorial Team
January 4, 2021
in Cyber Security
cyber security scheme

Credit: Shutterstock

FacebookTwitterEmailLinkedin

Dryad and cyber partners RedSkyAlliance monitor attempted attacks within the maritime sector. They examine how email is used to deceive the recipient and potentially expose the target organizations. The following update regards the last week of December.

As explained, even if attackers can only get 10% of people to open their malicious email attachments, they can send thousands out in a day using similar templates resulting in hundreds of victims per day.

In their collection of malicious emails up to 29 December, Dryad and RedSkyAlliance see malicious actors attempting to use vessel names to try to spoof companies in the maritime supply chain.

This week we observed a wide variety of maritime-related subject lines. Some of the new vessel names used this week include “MV Torrent” and “MV New Wind” – among others.

Specifically, analysts observed malicious subject line, “RE: Vessel: SEA HERMES / PO No.: 20-0193-1 – ME AUXILIARY BLOWER\r\n MOTOR” used this week. This email leverages a few techniques to get the targeted users to open the malicious attachments. The company which was targeted by this malicious email has been also seen in previous Maritime Reporting.

RelatedNews

Dryad Global: Suspected limpet mine attacks in the Mediterranean

Dryad Global: Russia’s shadow tanker fleet has tripled since 2022

See also: How to detect and avoid phishing emails

In May 2020, Fuji Trading, a world leader in marine supplies and engineering, was targeted by a malicious email referencing “fittings for a rescue boat repair.” This malicious email contained a document which attempted to exploit CVE-2017-11882, the commonly observed AV detection. The previously targeted employee was an International Technical Marine sales individual. This company is based in the Netherlands. That same employee is again being targeted, 7 months later, in another malicious email.

Another example of using past identifiers, this past week, a malicious email was sent from a “Senior Procurement Officer” from Wilhelmsen Ship Management. Red Sky Alliance observed attackers sending malicious emails using the same company’s name as an alias in the past (TR-20-307-006). The sender identifies himself as “Hsin Yung, Fong.”

The email consists of a conversation between the attacker and the victim user which eventually leads to a message to the same recipient containing a malicious file attachment.

Unlike many of the malicious emails seen in the past, this email uses a specific “Dear [Employee Name]” greeting.

The attachment titled “dec.-22-6940019-2020.doc” is a malicious MS Word document. As with many of the malicious Emotet documents seen in the past, this one displays a message to “enable content” and “editing” further enabling the malware to infect the system.

If opened, the targeted victim would activate the infamous Emotet malware on their system. This malware is an advance trojan with the ability to steal sensitive information and download other malware as part of a cyber-attack.

This malware is often spread via email through a malicious link or, as in this case, a malicious attachment. Often attackers are looking to steal sensitive data, yet this access to the network also provides an option to activate ransomware if they decided to make a quick profit.

 

Recommendations

The more convincing an email appears, the greater the chance employees will fall for a scam.  To address this residual risk, software-based protection should be treated as one constituent of a wider strategy that also encompasses the human-element as well as organizational workflows and procedures.

It is imperative to:

  • Train all levels of the marine supply chain to realize they are under constant cyber-attack.
  • Stress maintaining constant attention to real-world cyber consequences of careless cyber practices or general inattentiveness.
  • Provide practical guidance on how to look for a potential phishing attempt.
  • Use direct communication to verify emails and supply chain email communication.
  • Use Red Sky Alliance RedXray proactive support, our Vessel impersonation information and use the Maritime
  • Black Lists to proactively block cyber attacks from identified malicious actors.
Malicious emails against shipping companies in last week of DecemberMalicious emails against shipping companies in last week of December
Malicious emails against shipping companies in last week of DecemberMalicious emails against shipping companies in last week of December
Tags: cyber securityDryad Globalsm
Previous Post

Carbon capture and storage could address 42% of world’s emissions, report finds

Next Post

South Korean-flagged tanker feared seized in Iranian waters

Related News

strait of Hormuz
Security

Dryad Global: Critical disruption threat in the Strait of Hormuz

June 25, 2025
iaph cyber security
Cyber Security

IAPH releases cyber security guidelines for new port technologies

June 24, 2025
LR: Good data is a crucial foundation for improving safety
Opinions

ABS Consulting: Make cyber risk part of the daily safety conversation

June 23, 2025
RMI
Security

Dryad Global: Tensions in Middle East amplify commercial shipping risks

June 18, 2025
BIMCO: Chinese seaborne dry bulk imports up 6% despite economic challenges
Shipping

ICS Barometer: Declining confidence in the face of instability

June 11, 2025
ASPIDES
Security

Dryad Global: Red Sea remains a high-risk corridor

June 11, 2025

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Explore more

No Result
View All Result
MARITIME EVENTS

Explore

  • Safety
  • SEAFiT
  • Green
  • Smart
  • Risk
  • Others
  • SAFETY4SEA Events
  • SAFETY4SEA Plus Subscription

Useful Links

  • About
  • Disclaimer
  • Editorial Policies
  • Advertising
  • Content Marketing
  • Contact

© 2025 SAFETY4SEA

No Result
View All Result
  • Safety
    • Accidents
    • Alerts
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
  • SEAFiT
    • Intellectual
    • Mental
    • Physical
    • Social
    • Spiritual
  • Green
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
  • Smart
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
  • Risk
    • CIC
    • Detentions
    • Fines
    • PSC Case Studies
    • PSC Focus
    • Vetting
  • Others
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Shipping
    • Sustainability
    • Videos
  • Columns
    • Anchor Your Health
    • Book Review
    • Career Paths
    • Human Performance
    • Industry Voices
    • Interviews
    • Maripedia
    • Maritime History
    • Opinions
    • Regulatory Update
    • Resilience
    • Seafarers Stories
    • SeaSense
    • Tip of the day
    • Training & Development
    • Wellness Corner
    • Wellness Tips
  • SAFETY4SEA Events
  • SAFETY4SEA Plus Subscription

© 2025 SAFETY4SEA

Manage your privacy
We use technologies like cookies to store and/or access device information. We do this to improve browsing experience and to show (non-) personalized ads. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage {vendor_count} vendors Read more about these purposes
Manage options
{title} {title} {title}
No Result
View All Result
  • Safety
    • Accidents
    • Alerts
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
  • SEAFiT
    • Intellectual
    • Mental
    • Physical
    • Social
    • Spiritual
  • Green
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
  • Smart
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
  • Risk
    • CIC
    • Detentions
    • Fines
    • PSC Case Studies
    • PSC Focus
    • Vetting
  • Others
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Shipping
    • Sustainability
    • Videos
  • Columns
    • Anchor Your Health
    • Book Review
    • Career Paths
    • Human Performance
    • Industry Voices
    • Interviews
    • Maripedia
    • Maritime History
    • Opinions
    • Regulatory Update
    • Resilience
    • Seafarers Stories
    • SeaSense
    • Tip of the day
    • Training & Development
    • Wellness Corner
    • Wellness Tips
  • SAFETY4SEA Events
  • SAFETY4SEA Plus Subscription

© 2025 SAFETY4SEA