ID 181060629 © Sitthiphong Thadakun | Dreamstime.com
The Federal Motor Carrier Safety Administration warns registered entities of fake phishing emails posing as the agency. Cyber criminals targeted registered entities of the FMCSA to gain private information.

Phishing attack seeks to steal sensitive fleet data

Aug. 13, 2024
While cybercriminals are becoming more advanced through AI, training employees to identify suspicious emails can go a long way toward protecting your fleet's sensitive data.  

There has been an 856% increase in malicious emails sent within the past year, according to a report by SlashNext Security, and U.S. fleets were the target of a recent nationwide phishing attempt, according to the Federal Motor Carrier Safety Administration

Generative AI has only made it easier for perpetrators to perform these attacks. Since the launch of ChatGPT and other advanced language models, malicious emails have increased by 4,151%, the SlashNext report noted. 

FMCSA emailed media outlets last week to request help in informing registered entities about a “new phishing fake email.”

The email asks recipients to complete an attached form requesting a social security number and a USDOT PIN. In some cases, the email also includes a threat that the recipient will be fined if they do not respond within one day, FMCSA stated.

FMCSA does not require such information on official FMCSA forms. Carriers should NOT fill out forms attached to the fake email, and always refer to the official FMCSA forms for the latest and official documents,” the letter stated.

This phishing email originates from the following accounts, which are not official FMCSA accounts: [email protected], [email protected], [email protected], or [email protected].

Recipients who respond to the email with private information could give cybercriminals access to their official FMCSA accounts.

This instance highlights the growing need for adequate employee cyber training and awareness.

See also: Trucking’s two biggest cybersecurity threats today

The increase in cyber risks

The vast majority of these malicious scams are identified as business email compromises, such as fake phishing FMCSA emails.

Phishing is a type of scam “in which attackers pretend to be from a reputable or legitimate organization through an email or other messaging system,” FleetOwner previously reported. Moreover, it’s becoming one of the most prominent forms of cyberattacks in trucking today, stated a report from the National Motor Freight Traffic Association.

But attacks on the trucking industry don’t stop there.

Upstream, a cybersecurity platform focused on the automotive industry, recently released a new analysis of cyber risks related to transportation IoT devices and mobility. The results conclude that the risks are “rapidly evolving,” with the application layer—or API—and the IoT cloud layer as the most targeted for cybercrime, according to the analysis.

“The surging use of Mobility and Transportation IoT devices presents a growing attack surface for increasingly complex and sophisticated cyber risks, putting operational availability and data integrity at risk,” the report stated.

See also: Mobility cybersecurity company leverages AI to mitigate cyberattacks

How to prevent cyberattacks

One of the best ways to prevent a cyberattack is to work to avoid it through safeguards, such as cybersecurity risk monitoring and employee training, which is the most effective, Mark Murrell, president of CarriersEdge, told FleetOwner back in the spring.

CarriersEdge is a web-based platform that houses employee training courses. The company deployed a cybersecurity training course within the last year to combat the rise in cybercrime. This course is available to all trucking company employees, from office personnel to drivers, to help them learn “what to watch for so they don’t fall victim,” Murrell said.

While cybercriminals are becoming more advanced through AI, training employees on identifying suspicious emails can go a long way in protecting the company.  

See also: Protect your fleet from cyber risks

For individuals who have received the email cited above, FMCSA advises:

About the Author

Jade Brasher

Senior Editor Jade Brasher has covered vocational trucking and fleets since 2018. A graduate of The University of Alabama with a degree in journalism, Jade enjoys telling stories about the people behind the wheel and the intricate processes of the ever-evolving trucking industry.    

Voice your opinion!

To join the conversation, and become an exclusive member of FleetOwner, create an account today!

Sponsored Recommendations

The Future of Mirrors is Closer Than it Appears

Why Mirror Camera Systems are the next step for fleet safety and exoneration While many commercial trucking cameras are similarly marketed, they are not all created equally. The...

The 20:1 Solution: Unlocking the ROI of a Modern Asset Maintenance Solution

Discover how modern fleet maintenance software can drive step-change improvements in shop efficiency, cost control and vehicle productivity, along with how to calculate the ROI...

Digital and AI Solutions for Rideshare Safety

Anyline’s study, “How Digital AI Solutions Can Enhance Rideshare Safety,” reveals rideshare drivers are overly confident in their tire knowledge, risking passenger safety. Download...

Introducing the World’s First Mobile Tire Tread Scanner

Anyline’s innovation allows accurate tire tread measurement via any mobile device, ensuring legal compliance for fleets. Read more and find out how you can cut operating costs...