Phishing models

What is Storage spoofing?

Cybercrime is becoming more and more ingenious by the day. One of the latest forms of phishing attempts, we came across at one of the world’s busiest harbours, shows that even storage facilities aren’t safe when it comes to cybercrime and phishing attacks.

Storage spoofing attacks are mainly aimed at national and multinational companies that either operate or are looking to acquire storage facilities, however it will also target potential buyers of goods stored at these facilities by masking themselves as legitimate sellers. This way a malicious person is offering goods under false pretences which eventually turns out to be non-existent. In the port area, this form of phishing is also known as Terminal spoofing.

Storage spoofing explained

Storage spoofing isn’t a new way of phishing. This specific form of phishing was first detected about six years ago. How storage spoofing works: a fake order from a fuel supplier is placed. This fake order claims to have two or three barrels in storage. The (forged) seller will steer the buyer towards some form of advance payment, with the intent of misleading the victim. When the buyer comes to pick up his purchase, he will notice that the purchased product wasn’t stored in that particular terminal at all or the specific terminal doesn’t even exists.

In order to let these phishing attacks succeed, cyber criminals often make use of recognizable documents in which forged stamps and certificates are used. It also happens that storage terminal sites are being cloned in order to steer victims through a counterfeit terminal website into a purchase. These counterfeit terminal websites often disappear just as quickly as they appear: Cybercriminals are eager to remove their track after a couple phishing attempts or successful transaction as soon as possible.