News / Hapag-Lloyd hit with 'spear phishing' attack as fake website gathers data

© Vasile Bobirnac |

Hapag-Lloyd suffered a ‘spear phishing’ attack yesterday, wherein a copy of its website was uploaded and users directed to log in, revealing their data to the scammers.

It was not clear when the website copy was created, as the Hapag-Lloyd security team only “found” it yesterday, and it is unknown whether the spear phishing attack is linked to the Russia-Ukraine conflict, a challenge companies have been warned to watch out for.

Hapag-Lloyd has cut off services to Russia, in line with rivals, as well as closing its offices in Ukraine, which opened in mid-2021.

Though a relatively low-effort form of cyber-attack, consultancy CyberCX last week warned firms to be on the lookout for targeted attacks being disguised as ‘low-sophistication’ attempts “such as wiper-malware masquerading as ransomware.”

“Malware campaigns are seeking disruption, ultimately with target organisations, with wiper-malware specifically intended to destroy data,” CyberCX director Christina Stevenson told The Loadstar. 

“This contrasts with the indiscriminate, malicious attack impacting Ukraine’s and further countries’ networks and economies, such as the 2017 NotPetya worldwide attack later linked to Sandworm, a Russian GRU main intelligence directorate hacking group.”

Hapag-Lloyd advised its customers to change their passwords and to enter the URL of its website manually in their browser, rather than clicking on links in emails.

“To ensure your safety, please check whether the links you receive in e-mails are actually to the correct website and have been called up before entering your personal access data. If you receive suspicious e-mails, please use your phishing mail analyser, if your organisation has it.”