Cybercrime is aﬀecting all industries, but the commodities sector is particularly vulnerable. Given the enormous movement of cargoes and cash, there is a high risk of incurring a substantial loss if you become the victim of a fraud. Attacks are increasingly sophisticated, but there are some basic precautions that can be taken. In this article, we look at email and the problems it can create. We also outline some simple ways you can manage this threat.
Over the past year, we have been onboarding hundreds of companies onto the TradeCloud platform. One frequent talking point with clients is Cyber Security. We regularly receive questions such as “Is your site secure?”, “Where do you store your data?”, “Is the information encrypted?” These questions come about as people become increasingly wary of data security.
Over the past few years, the metal industry has been the victim of headline-hitting frauds such as the aluminum case in Qingdao and the nickel case in Korea. In both instances, warehouse receipts were reproduced and the perpetrators of these crimes received payments multiple times for the same metal.
Such crimes have partly come about due to the industry’s continued reliance on paper documents – Contracts, Bills of Lading, Certiﬁcates of Origin, Warehouse Receipts, Insurance certiﬁcates, Letters of Indemnity to name the most common. Despite the massive technological shift that we have been witnessing over the past 20 years, the commodities industry has been slow to adapt and continues to use physical paper to patch things up.
Whilst these events have raised awareness of the risks of paper title documents, we have discovered a much more common menace, which is happening on an almost daily basis. We have been told by many customers that they have faced multiple attacks on their systems and in particular, their email communications have been compromised. One of the most regular and simple frauds we have been told about is invoice fraud.
Below are the basics of how fraudsters operate :
• The commodity supplier raises an invoice for the goods shipped under the contract
• The supplier then converts that invoice into a PDF and attaches it to an email
• The email is then sent to the supplier
• The fraudster uses various techniques such to copy the invoice data and/or block its’ direct transmission to the customer
• The fraudster then changes the bank account details on the invoice and forwards a new invoice by email to the customer [cleverly disguising himself as the supplier]
• The customer receives the invoice and unknowingly pays the money to the fraudster’s nominated bank account
• The fraudster receives the money and launders it through multiple banks
• Confusion ensues between the supplier and the customer as to where the money went
• The lawsuits and insurance claims begin
• The fraudster disappears and the money becomes unrecoverable
Of course, in many instances, people are vigilant enough to notice when the payment terms are changed, but unfortunately, this is not always the case.
In general, people don’t advertise that they have been the victim of cyber fraud as they do not have an immediate solution to the problem.
Instead, they will increase the number of manual checks they perform in the hope that they will catch such a similar hoax in the future. However, this increases the processing cost without fundamentally eliminating the problem.
A few basic tips we suggest to reduce the risk:
1) Inform your suppliers in writing of your bank account details and send them by post
2) Inform your suppliers that you never change your bank account details and if you do change them, they will be informed in writing by post
3) If you send documents by email that contains sensitive information, always password protect them
4) Avoid sending any documents via email that contain sensitive information, such as bank account details
5) Always apply the latest software patches. This should be done via automatic shutdown and reboot of all devices on your network
Email is often the weakest link in the IT chain. The problem with email is that once it leaves your IT environment it can be easily copied. With all of us receiving so many emails every day, it can be easy to miss something malicious.
If you reﬂect for one moment on retail banking and their move to digital, you will notice that all critical information and communication is within their IT environment. You need to log in with at least a two-factor identiﬁcation to view your details and make instructions. Banks today never process a payment instruction based on an email.
At the very least, they will call you back for reconﬁrmation. Again, any manual service is ineﬃcient and costly and as a result, banks are moving their customers increasingly to digital. The commodities industry is highly competitive and increasingly under cost pressure. Manual processes are expensive and often ineﬀective against cybercrime.
At TradeCloud our goal was to build a communications platform speciﬁcally designed for the commodities industry. This meant that data security was our top priority. As highlighted above, the key to keeping communications private is to keep them within a secure environment. The TradeCloud environment is a closed system, making it far less susceptible to attack. So, if you want to signiﬁcantly reduce the risk of your data being intercepted, you should send it on TradeCloud Chat. The TradeCloud messaging system is free to use, allows you to attach documents and has security features throughout.
Furthermore, TradeCloud Chat can be fully monitored by your compliance department via our partner Global Relay – the leader in global communication monitoring.
The TradeCloud Chat is just one feature amongst many we have created for a more secure and compliant environment for the commodities industry of the future. If you would like to learn more about how we are going about this, please feel to contact us via [email protected]
TradeCloud is a communications platform designed speciﬁcally for the physical commodities industry. It provides a secure and compliant environment, open to all market participants. This helps TradeCloud members ﬁnd the commodities they need at competitive prices.
TradeCloud has plans to provide a network of post-trade services such as logistics, ﬁnance, and documents, all connected on the TradeCloud Commodities Web, centered around blockchain technology.
For more information, please visit our website.
Baer Chain Global Developer Conference “CURVATURE NAVIGATION” was held Successfully in Korea.
During the conference, Vincent talked about the current status of the development and the future plans of Baer Chain:
- The globalization of Million Ecology Project is going smoothly. The “Curvature Navigation” conferences will be held in Asia first, and then in Europe and finally in North America. The official launch of the mainnet will come with a grand event in North America.
- The Baer Chain block explorer developed by supernode team Baer LA is officially launched, marking Baer Chain’s decentralized development stage;
- All game developers teams from all over the world will continue to develop blockchain games based on Baer Chain technology. At present, dozens of games are under development and will be launched in the Baer Chain ecosystem.
On 24th May, Baer Chain “Curvature Navigation” global developers conference was successfully held in Gangnam, South Korea.
Daniel Kim, CEO of Block Patch, a well-known blockchain company in Korea, attended the conference with a special guest, Zhenying Lee, who is focusing on the legal research of the blockchain industry.
Vincent introduced the development of Baer Chain at the conference. When talking about the progress of the Million Ecology Project, he said:
“We have entered the stage of curvature navigation and Korea is our first stop. Next, we will continue the journey of curvature in Amsterdam, then in London. We will eventually go to North America. What I can tell you is that it will be a grand event in North America to welcome the official launch of the Baer Chain mainnet.”
At the conference, Vincent announced that the first version of the Baer Chain block explorer developed by the supernode team Baer LA has been launched. It is the most direct visualization approach for users to engage with the mainnet.
With the release of the block explorer, all the third-party node teams are now able to smoothly carry out the development work based on the Baer Chain technology architecture, which means that the technology development of Baer Chain has entered the decentralization and the rapid growth stage of cooperation.
At the conference, Shawn from the supernode team Baer Cali also talked about the advantages of the Baer Chain technology architecture and how they began to develop games on Baer Chain.
Vincent stated that there were more than 10 super node teams have already started their development of new games. They are working very hard to develop their games and strive to release their products on the Baer Chain as soon as possible.
In the following Q&A session, Vincent was asked by one of the participants that if BRC was affected by Million Ecology Project, and Vincent responded:
“BRC is an indicator of Baer Chain’s values. The positive trend of BRC reflects the market’s view on the development and future value of Baer Chain.”
SEC’s harsh crypto regulations would drive innovation away from the US to Asia, says Fred Wilson
Bitcoin [BTC] will be vulnerable to quantum computing if we’re not prepared, says Andrew Poelstra
Bitcoin [BTC]: Binance’s CZ and Ryan Selkis try to predict BTC’s maximum value in the future
XRP vs Stellar Lumens [XLM] Price Analysis: Bulls suppress bears to push market forward
Ripple’s XRP records relatively low 24-hour trading volume even as prices hold above $0.35
Tron [TRX] announces future trading on OKEx platform from May 20
Bitcoin [BTC] is still going to $100,000, claims Heisenberg Capital’s Max Keiser
Bitcoin’s [BTC] Lightning Network is awesome, says Blockstream’s Samson Mow
Crypto is replacing the US Dollar and no one seems to be noticing, claims prominent investor Robert Kiyosaki
Bitcoin Cash’s [BCH] Roger Ver adds Coinbase and Binance to his ‘safe list’
Bitcoin [BTC] is still going to $100,000, claims Heisenberg Capital’s Max Keiser
Satoshi Nakamoto is easy to get through; can be found by fools, claims John McAfee
XRP: Google Chrome extension to detect trustworthiness of select XRP addresses goes live
DigiByte [DGB]: Nationwide Merchant Solutions sets up DGB payments for businesses and merchants