An article in the Norwegian finance daily "Dagens Næringsliv" highlighted the unfortunate case of Rederiet Stenersen, a chemical shipping company based in Bergen, located just a few miles away from our office (see article below, in Norwegian). They fell victim to a cyber fraud scheme that began, as it (almost ) always does, with a successful phishing email.
In this instance, the criminals gained control of the CEO's email account, which they then utilized to send fraudulent invoices to the accounting department, directing them to make payments to unauthorized accounts.
To prevent such incidents in the future, Rederiet Stenersen has now implemented new procedures that require verification of transactions to new accounts through phone calls, in addition to email correspondence. Had this precaution been in place initially, the fraud could have been avoided altogether.
We have similar routines at Odfjell. But routines count for nothing if they are not consistently followed. Numerous examples exist of companies falling victim to cyber fraud simply because they neglected to adhere to the established procedures. Therefore, it is crucial for everyone to stay updated on specific cybersecurity routines in your department and ensure their diligent implementation.
By being proactive and vigilant, we can significantly reduce the risk of falling prey to cybercrime.
STOP - LOOK - THINK
