With over $700 billion in revenues, the trucking and logistics industry is a big target for opportunists of all types, including fraudsters and cybercriminals.
Logistics service providers (LSPs) may be called intermediaries, but many have moved to the front lines in the industry’s battle against fraud and cybercrime.
One of the nation’s top third-party logistics firms, Choptank Transport, shared the technology and strategies it uses to secure its freight transactions and protect its business, customers and carriers.
A full-service logistics provider, Choptank Transport specializes in truckload and less-than- truckload shipments of refrigerated and dry freight as well as flatbed and intermodal transport.
Below are five areas where its technology helps to quickly identify and defeat modern threats.
1. Double brokering
Traditionally, LSPs have struggled to identify and prevent double brokering of their loads. By using the latest in freight tracking technology, LSPs can reduce their risk of this occurring.
Choptank uses the cloud-based Load Track platform that is embedded in the popular Trucker Tools smartphone app used by hundreds of thousands of owner operators and small carrier drivers.
The Load Track platform automatically captures shipment locations using the GPS on drivers’ phones and provides near real-time tracking updates. The tracking starts the moment a driver is dispatched to pick up a load and continues, uninterrupted, to the final delivery.
For Choptank, having granular visibility of truck movements enhances customer service and helps to verify its loads are powered by approved carriers.
With the same technology, LSPs can have drivers use an image capture feature in the app to gain instant visibility of proof-of- delivery documents, thus adding another layer of protection against double brokering and fraud, says Prasad Gollapalli, chief executive of Trucker Tools.
“By using the freight tracking platform, we are able to gain more visibility of our customers’ freight,” says Marcia Wood, chief financial officer of Choptank Transport, which is based in Preston, Md. “We use every bit of technology that is available now.”
2. Route tracking
Choptank uses Load Track with an integrated transportation management system from McLeod Software to plot accepted routes for each load and immediately notify users if exceptions occur.
The driver might be going the wrong direction or stopped at an unknown location, for instance.
“That throws up a fraud risk,” she says. Users can instantly monitor loads on a map to compare the planned versus the actual routes in real time to determine what is happening.
Choptank uses the route tracking information to protect carriers from fraud risks as well.
“We had an instance where a carrier claimed that one of their drivers did not receive a Comchek,” Wood explains. “We were able to provide proof of the route the driver took, which coincided with where the Comchek was cashed.”
The Load Track platform gives Choptank Transport automatic notifications when loads arrive and depart from customer locations. With this and the capture of detailed time and position records, Choptank can proactively manage loads for on-time service and substantiate claims if exceptions occur such as a late delivery. Similarly, Choptank uses the platform to verify detention events for carriers, she says.
3. Fake calls
Protecting the identities of motor carriers is an ongoing concern for LSPs. On several occasions, Choptank Transport has received phone calls from people claiming to work for motor carriers it does business with, Wood says.
The people making the calls might be using apps to switch their actual phone number to a carrier’s number so that the caller ID appears legitimate. Typically, the callers will ask for a cash advance on a load.
Whenever Choptank receives phone requests for cash advances, employees hang up the phone and call the number listed for the motor carrier in the FMCSA’s Safety and Fitness Electronic Records (SAFER) database.
“We verify the carrier and go through questions about the load,” Wood says.
The Load Track platform assists in the verification process. With real-time visibility of the load, employees can ask the caller questions regarding the current location of their freight and then compare to the last pinged position of the load. This helps to verify if the caller is privy to the load details and is the legitimate driver/company on the load.
Fraudsters have also sent emails that legitimately appear to be from carriers. The emails may ask Choptank to change their bank information to receive electronic freight payments.
In these instances, a Choptank employee will call the sender and require them to fill out and submit a form. Next, the employee calls the carrier’s number in the SAFER system to validate that a request was made to change bank payment information, Wood says.
4. Electronic payments
Choptank has made a concerted effort to eliminate paper checks that are more susceptible to fraud than electronic payments.
Currently, 90 percent of freight payments to carriers and vendors go through the Automated Clearing House (ACH) network, which deposits funds directly to the payees’ bank accounts. ACH also helps carriers by eliminating the payment delays from mail, she says.
As an extra precaution, Choptank has its TMS system set up to alert the accounts payable department before a first-time payment is issued to a new carrier. An employee will call the carrier’s SAFER phone number to verify its MC number and bank account information before sending payment, Wood says.
In addition, the company uses Positive Pay and ACH Debit Blocks to secure its checking account.
“No one can get money out of the account without me knowing it,” Wood says. “Any time a debit hits our bank account I have to personally approve that.”
Wood says the company sometimes receives emails asking for payment on fake invoices. Some appear to come from the CEO of Choptank asking an employee to make payments on invoices “outside of the normal payment procedure.”
“You have to vet every single invoice to make sure it is valid,” she says.
No business is immune from the threat of cybercrime, certainly not in the trucking and logistics industry where 24/7 Internet connectivity is critical. One of the most recent cyberattacks, dubbed GoldenEye or Petya, hit a number of transportation firms.
The ransomware attack began in the Ukraine and spread to other parts of Europe and then globally. Among those hit were Maersk and TNT Express, a FedEx subsidiary in Europe.
Ransomware is a bug that attacks systems and locks users out of key files. To unlock the files, users have to transfer funds through Bitcoin or other online payment systems.
Wood says Choptank has a “very strong” IT department and subscribes to a number of security services to protect its systems against cyber threats, including phishing and ransomware.
Sometimes, all of the added security and precautions can cause inefficiencies, she says, but the
tradeoffs are worthwhile.
“We all know that the security of our network is crucial to our customers and carriers. We take those inconveniences in stride,” she says. “There are many threats out there and there are going to be a lot more. The crooks are going to get smarter,” Wood continues. “We will always have to continue to adapt and use the latest technology to combat fraud.”