Hackers have been faking CMA CGM Group’s identity in email conversations with the shipping line’s customers and then stealing funds by asking them to pay the line’s invoices via a ‘new’ bank account.
In a note to customers on Thursday, CMA CGM called for vigilance, warning that the hackers were adopting multiple methods of attack.
According to the line, the hackers’ modus operandi may include the following:
- Hackers may intercept a genuine conversation between you and CMA CGM and replace CMA CGM’s email with a fake email. Then they will continue the email conversation and at some point request a change in the bank account details.
- Hackers may call you directly or contact you via an unusual channel such as a social network, requesting an urgent payment for their company due to personal sickness, emergency or financial distress.
“We recommend the highest level of vigilance in this context and confirm that this is not a group practice to communicate bank details at customer care level or through any other channels. CMA CGM bank account details are only indicated on our invoices,” the shipping line said.
CMA CGM has called on customers who receive these requests not to reply to or forward the emails as they could be a phishing attempt, and to report any suspicious activity to their usual local contact person.