Cyber-security – malicious spoofing and phishing

  • Safety Flash
  • Published on 2 December 2021
  • Generated on 22 February 2025
  • IMCA SF 33/21
  • 2 minute read

The United States Coast Guard (USCG) has released very timely Marine Safety Information Bulletin (MSIB) 19-20 relating to malicious email spoofing incidents. 

The USCG notes that there are increasingly sophisticated malicious email spoofing techniques being used.

The bulletin is timely because IMCA has recently received a report from one of its members relating to cyber security awareness. In this incident, personnel received messages claiming to be from senior management.

Management will not be asking for action on matters like flight tickets, hotels, urgent payments for contracts, etc. via SMS, social media, or personal email addresses.

These requests will always be done via official channels.  

What is phishing?

Most of us will be aware of phishing emails and know what to look out for. There are multiple types of phishing, and it is good to be aware of the main types.

Phishing is someone pretending to be someone they are not, in order to gain access to confidential information.

Phishing can also be done via phone calls, SMS and other online messaging services.

Cyber-security - malicious spoofing and phishing (image courtesy of: https://www.mailguard.com.au)

(Image courtesy of https://www.mailguard.com.au)

Actions

Suggestions for dealing with potential phishing SMS, phone calls and other messages:

  • Never feel pressured into clicking a link in a message or taking any other action.

  • Take a minute to check if you were expecting this phone call or message.

  • Check for any spelling/grammar errors in the text or unusual senders (e.g. check the country code of the phone number).

  • If in doubt, REPORT messages/phone calls/phishing emails to your company IT department and BLOCK the number.

Members may wish to refer to:

Latest Safety Flashes:

Crew transfer vessel (CTV) drifts onto turbine tower

A CTV drifted into and hit a nearby structure at 0.5 knots.

Read more
LTI: Fall from height during FRC maintenance

A worker fell 2.3 m to deck from a small boat in the davit, and broke a leg as a result. 

Read more
Near miss: narrowly avoided fall from height due to missing deck gratings

After a grating was removed, the Chief Engineer, on the way to inspect the work, nearly fell 4-5m.

Read more
MSF: A broken stretcher could have led to injury

The Marine Safety Forum (MSF) published Safety Alert 24-09 relating to a broken stretcher.

Read more
Positive story: Excellent galley hygiene and housekeeping

On a walk-around audit, a member highlights very high standards of housekeeping and hygiene in the galley on one of its vessels.

Read more
More Safety from IMCA

IMCA Safety Flashes summarise key safety matters and incidents, allowing lessons to be more easily learnt for the benefit of the entire offshore industry.

The effectiveness of the IMCA Safety Flash system depends on the industry sharing information and so avoiding repeat incidents. Incidents are classified according to IOGP's Life Saving Rules.

All information is anonymised or sanitised, as appropriate, and warnings for graphic content included where possible.

IMCA makes every effort to ensure both the accuracy and reliability of the information shared, but is not be liable for any guidance and/or recommendation and/or statement herein contained.

The information contained in this document does not fulfil or replace any individual's or Member's legal, regulatory or other duties or obligations in respect of their operations. Individuals and Members remain solely responsible for the safe, lawful and proper conduct of their operations.

Share your safety incidents with IMCA online. Sign-up to receive Safety Flashes straight to your email.

We may use anonymised cookies for some functionality on this site. With your consent, we would also like to use tracking to improve our online offering. Find out more.