Photo: Pixabay

Photo: Pixabay

A while ago, I received an e-mail from our then-vice president, Sherb Brown. In his very informal way, he asked if I was available and if I could do him a favor. I responded I was and could, and before you know it, our IT administrator wrote to me telling me to “stop e-mailing Sherb.” Of course, it wasn’t him — some joker was trying to get me to buy a gift card. The different e-mail address was the giveaway, but I hadn’t checked. As someone who is online all day and has read numerous articles about online fraud, this is not something I’m proud of.

Just this week, I received an e-mail inviting me to a Zoom meeting. This happens somewhat often, but this invitation contained poor grammar and came from a weird e-mail address. To me, it was a clear phishing scam; I caught it, but I’m sure it has fooled people.

Who Are You Paying?

I’ve written before about cyberattacks — vehicle related and not. Vehicles can be hacked and it is a concern as more vehicles become connected, but it hasn’t really happened in real life yet. Other types of cyberattacks — related to internet use and clicking on malicious e-mails — have happened and will continue to happen with increasing frequency.

One Texas city was recently scammed out of $169,000 in two cases of cybersecurity fraud. In one instance, the city accountant had been communicating with a fleet vendor about an outstanding invoice; the vendor provided updated banking information, and the accountant transferred $45,500 to this new account. In a similar instance, another accountant wired payment to an engineering firm after being asked multiple times for payment and being provided updated bank account information. Both requests came from almost-legitimate e-mail addresses — just one letter was off. In one case it was a capital “I” instead of a lowercase “l.”

You can see how anybody could have made this mistake — and just how sneaky scammers have become.

It’s Not Just Money At Stake

While these led to financial losses, fleet managers have reported data freezes from ransomware attacks. In a time when practically everything is computerized, not having access to your data can stop your operation in its tracks.

It means no e-mails, no fuel system, no fleet management information system, no diagnostic software, and no VoIP phones. It means going back to paper work orders, downloading fuel data from sites manually, and outsourcing work that can’t be diagnosed using technicians’ personal scan tools.

This was the case when I spoke to the City of Baltimore, Maryland, and the City of Durham, North Carolina, fleet departments about their ransomware attacks in 2019. In 2021, the City of Tulsa, Oklahoma, fleet division faced the same issue and reported similar problems.

Being vigilant when using computers is one way to prevent cyberfraud. Unfortunately, your department can be affected if other people aren’t vigilant or if your network’s defenses just aren’t strong enough. As this becomes a bigger problem in the future, fleet managers need to prepare for the possibility of a cyberattack.

Have you considered how your fleet department will respond?

About the author
Thi Dao

Thi Dao

Former Executive Editor

Thi is the former executive editor of Government Fleet magazine.

View Bio