The logistics industry has become increasingly impacted by phishing attacks and it looks like sophisticated hackers are eyeing brokers and carriers utilizing load board DAT.
On Friday, the industry newsletter Freight Caviar posted an email titled “WE HAD TO CANCEL SETUP: YOU HAVE A REPORT” from an address designated as DAT ONE with case@onedatfreight.com credentials.
The email had sent a fake Carrier411 Freight Guard Report requesting the user respond to the report at onedatfreight.com. DAT’s actual website address is one.dat.com.
The two sites are nearly identical, with only a few varying features, including an “Issues with Login” pop-up.
The IP address shows a company called Beget LLC out of St. Petersburg, Russia, is currently hosting the fake site.
Likely, the fake DAT website steals the usernames and passwords of those who respond to the email. Once someone has acquired this information, he or she can log in to the real DAT ONE site and post or win loads under the identification of a real broker or carrier to fraudulently phish loads, steal loads in transit or double broker loads.
Related: It’s time for massive load board players to take responsibility for fraud
According to load board Truckstop.com, marketplace fraud increased 400% from the fourth quarter of 2021 to the fourth quarter of 2022. This is the highest level the industry has seen since the tracking of fraud reports began in 2004.
DAT told FreightWaves on Friday that it is aware of the post shared on X and appreciated the post.
“Fighting fraud is a community effort,” said Annabel Reeves, communication director at DAT.
She explained if customers think they have received a phishing email impersonating DAT or believe their DAT credentials have been compromised they should reach out to their customer service department right away and report the bad actor. She also suggested they send a screenshot of the message to customer service and not forward the actual phishing email to them.
Reeves also noted that even if a username and password are obtained by a hacker, DAT now uses multi-factor authentication to verify log in attempts.
“The sophistication of phishing scams continues to grow. We’re continuing to invest heavily in technology and AI, as well as our Network Integrity Unit, but ‘saying something when you see something’ is essential as well,” she explained while sharing the company’s fraud alert educational document.
If you have a story on load board fraud to share, please email gsharkey@freightwaves.com.