contactContact

MENUMenu

JAPANESEJAPANESE

Contact usContact us

Warning of spoofing mail

  1. HOME
  2. News & Report
  3. 2019-11-25

Dear Customers,

 

Thank you for using our services.

 

A cyber incident that hijacks a company email account has occurred.

 

This time, it was not a vessel mail but a land company account.

A result of the company's e-mail address and password is leaked, false ordering mail

 

(vessel equipment, etc.) were sent by company accounts.

 

The mail receiver (probably non-existent. Also a part of the criminal

group, which pretend a bona fide third party) starts to arrange after

receiving ordering email, but the person who received this

contact (the person who hijacked the email) If you are surprised and

deny the order, you will be billed as "We have already started

arrangements and we want to pay a cancellation fee."

 

The sent ordering email is actually sent from an official business email

account, and it will be recorded both in the person's sent folder

and in the CC.

It is considered to be a crime committed to weakness that is not

a spoofed email.

 

In order to cope with this, the following procedure is important.

 

(1) First, check whether the account hijacked is true. Account access

history is recorded in cloud systems such as Office365 and Gmail. If an

unrecognized access is found, there is a possibility of hacking your

account. Contact your system administrator immediately and take

necessary measures such as changing your password.

 

(2) Next, it is important that the partner clearly declares that “there

is no fact of ordering” and that do not take any further action. If you

continue to communicate, there is a risk that you will be charged the

quality of paying a cancellation fee.

 

 

The company email account used for business has the convenience

of a cloud system that can be accessed from anywhere, but there is

a risk of being hijacked just by stealing the password. It is recommended

to enhance security using technologies such as IP address authentication

or two-step authentication.

 

In addition, there are cases where user registration on the web site is

used as a route to steal passwords. In order to view a specific site.

You will be asked to register an email address and create a user account.

At this time, the user ID and password are registered.

If you accidentally register the same password, the password might be

going to be leaked.

When registering a site that requires an account, please be careful of the

password you set.

 

 

If you have any questions or concerns regarding cyber security, please

feel free to contact us.

 

with Best Regards.

PAGETOP