Photo Credit: ASIA TIMES
Scam Targets Maritime Operators with False “Safe Passage” Fees in Strait of Hormuz
June 24, 2025 – Strait of Hormuz – A new extortion scheme has emerged targeting shipping vessels in one of the world’s most strategic maritime chokepoints. Criminals are sending fraudulent emails to ship owners and operators, demanding USD 100,000 for “safe passage” through the Strait of Hormuz. The spoof messages threaten that vessels that refuse to pay risk being “blown up,” according to incident reports shared by EOS Risk Group’s Martin Kelly.
The messages purport to originate from Iranian or Houthi-affiliated entities and claim that payment guarantees protection from lethal attacks during both inbound and outbound transits. The email text is riddled with poor grammar, spelling mistakes, and lacks official branding—classic indications of a phishing attempt. Investigators note that the scammer-operated email server lacks any credible affiliation credentials.
Though regional tensions have recently eased—with Iran, the U.S., and Israel reportedly reaching a ceasefire agreement—this has not deterred scammers from exploiting the situation. There is no evidence that any vessel paid the demands, and no attacks have been confirmed following the emails.
The Strait of Hormuz remains a critical artery for global energy markets, with approximately 20 million barrels of oil passing daily. Even a minor disruption or perceived threat in this narrow passage draws immediate attention from the international maritime community.
Criminal networks are leveraging the heightened sense of vulnerability in the region—compounded by drone swarms, drone jamming, and military conflicts connected to the wider Israel‑Iran escalation—to add psychological pressure on shipping operators.
Maritime authorities and naval patrols—including those under European Maritime Awareness in the Strait of Hormuz (EMASoH) and allied naval forces—continue using reputable channels to issue alerts and provide escorts. Yet this scam introduces a cybersecurity dimension to maritime risk that is less visible but equally serious.
Shipping firms are strongly advised to follow these protocols:
-
Authenticate all communications: Reject any unsolicited messages that demand payment for transit without official confirmation.
-
Verify via secure channels: Check legitimacy with recognized maritime security agencies or naval command before responding.
-
Escalate internally: Immediately notify company security and intelligence units if such an email is received.
-
Report incidents promptly: Inform port authorities and military escorts, none of which charge transit fees.
-
Train crews: Educate onboard and operational teams on recognizing extortionate email traps and phishing attempts.
This “safe passage” email scam preys on the fear associated with real geopolitical risks in the Strait of Hormuz. The perpetrators are not militant groups but opportunistic fraudsters using threats to extort money. The most effective defence remains cautious verification, rapid escalation, and coordination with official maritime escorts. Shipping companies should treat any unsolicited “transit fee” request as both a security and cybersecurity red flag to protect their vessels and reputations.
