- HOME
- News & Report
- 2018-06-21
Dear Customers,
Thank you for your continued support.
Recently, the number of phishing email (HTML email) sent by using browser
vulnerability against ships have been increasing. We ask the person in charge to be
cautious about this matter.
Email content
The sender pretends to be someone else, forging to be “mail system administrator” or
“accounting clerk”. Its intention is to make you click the link in the body of the email
for reasons of “Account suspended” or “Default in payment”. The email format is
HTML, not plain text. If you click on the link at this time, information will be skipped
into dummy server prepared by the sender and using browser’s vulnerability your
computer’s ID, password and other will be stolen. It is extremely dangerous because
they are stolen just by clicking.
Risk for vessels
Please check the following thoroughly because risk differs depending on ship’s
communication status.
(1) Ships prohibiting HTML emails for email communication
There is no danger for this type of ship. If removal of HTML is set up, the harmful
part will not reach the ship because part of the subject is included in the HTML part.
(2) Ships allowing HTML emails for email communication
This type of ship is further divided into the following conditions.
(a) Ships with only emails, no web browsing
There is no great danger but harmful code is included in the corresponding email.
Please delete the corresponding email when you receive it.
(b) Ships enabling web browser environment such as FX, VSAT, 4G
There is danger information will be stolen just by clicking the link when
receiving this type of email. Please treat the source of suspicious email with
great caution and do not accidentally click the URL in the email.
Furthermore, there is always risk encountering a web page using browser
vulnerability as described above. Some cases cannot be prevented only by
carrier blocking the harmful site. Using operation systems without security
patches or old version browsers accessing these pages, they might destroy your
PC information with just that.
Updating your OS and browser is extremely important in order to prevent this.
For ships which cannot secure sufficient capacity for update via satellite
communications, please be sure to secure 4G connection and have your OS and
software updated when docking.
Web connectivity has improved due to the expansion of FX, VSAT, but this has
generated new risks. IT risk management responding to the changing
environment is required.
Please feel free to contact us if you have any questions or concerns.