WASHINGTON, D.C. — The Federal Bureau of Investigation issued a public service announcement on April 30, 2026, warning the transportation and logistics industry of a significant and growing threat: sophisticated cyber-enabled cargo theft schemes that use hacked broker and carrier accounts, fake load board postings, and phishing attacks to hijack freight and steal high-value shipments.
Estimated cargo theft losses in the United States and Canada surged to nearly $725 million in 2025 — a 60% increase over 2024. Confirmed cargo theft incidents rose 18%, and the average value per theft climbed 36% to $273,990, driven by more selective targeting of high-value loads.
How the Scheme Works
The FBI outlined a multi-step process used by cyber-enabled cargo thieves.
First, threat actors compromise broker and carrier accounts by sending spoofed emails that appear to come from legitimate companies. The emails typically contain links to review a carrier broker agreement or resolve a negative service rating. Those links lead to phishing websites that download remote monitoring and management software, giving thieves complete, undetected access to the victim’s computer systems.
Second, using compromised accounts, criminals post fraudulent load listings on trucking load boards — sometimes in the tens of thousands. Legitimate carriers bid on the fake loads and are sent additional malicious links that compromise their own systems.
Third, posing as the compromised carrier, the criminals accept real shipments. They provide manipulated bills of lading, change delivery destinations, and even update the legitimate carrier’s contact information with FMCSA and alter insurance records to expand what loads they can accept. The actual carrier often does not realize anything is wrong until brokers contact them about missing loads booked under their authority without their knowledge.
Fourth, the stolen loads are cross-docked or transloaded to complicit drivers — sometimes on the side of a road — who redirect the cargo and sell it for profit. In some cases, the criminals then contact the broker demanding a ransom for the location of the missing freight.
Warning Signs to Watch For
The FBI said companies should be on alert for the following red flags: contact from brokers or carriers about shipments made in a company’s name that were never authorized; emails using free providers to spoof legitimate company domains; requests to download documents from shortened or unfamiliar URLs; emails claiming negative service reviews with links to resolve them; unauthorized mailbox rules such as forwarding to external addresses or auto-deletion; and email domains that mimic legitimate ones through extra punctuation, misspellings, different top-level domains, or added prefixes or suffixes. Phone numbers used by criminals are often VOIP numbers, app-based numbers, or numbers used for short periods of time, with some observed making contact with overseas numbers.
How to Protect Your Business
The FBI recommends independently verifying all shipment requests and pickups through secondary methods before releasing any loads. Companies should implement multi-channel verification for all transactions. Familiar names and email addresses alone should never be considered sufficient confirmation of authenticity — validate unexpected communications through a two-factor authentication process. Maintain thorough documentation of all parties involved in every transaction, including photos of drivers, licenses, vehicles, license plates, cab numbers, truck numbers, DOT and Motor Carrier numbers, and all contact details.
How to Report It
Anyone who believes they have been the victim of a cyber-enabled cargo theft scheme should file a police report with local law enforcement and submit a complaint to the FBI’s Internet Crime Complaint Center at www.ic3.gov, or contact their local FBI field office.
📸 Image(s) used under fair use for news reporting.
