The U.S. Federal Bureau of Investigation has issued a formal advisory warning the transportation and logistics industry of a sharp escalation in cyber-enabled cargo theft operations. According to the FBI, estimated financial losses tied to these attacks reached nearly $725 million across the United States and Canada in 2025 — a figure that marks a significant increase from prior years and establishes cyber-assisted cargo fraud as a major emerging threat to physical supply chains.
The Scale of the Problem
The FBI advisory, directed at freight brokers, logistics carriers, shippers, and freight forwarding companies, details a campaign that has been actively operating for approximately two years. During that period, cybercriminals have systematically compromised the IT systems of transportation and logistics companies, using unauthorized access to broker networks and carrier management platforms to set the stage for large-scale cargo theft.
The $725 million loss figure encompasses physical cargo that was fraudulently diverted, never delivered, or stolen outright — losses that fall on shippers, cargo insurers, and in some cases, carriers whose identities were stolen to perpetrate the fraud.
How the Attacks Work
The FBI describes a multi-stage attack chain that blends cyber intrusion with identity fraud and physical execution:
Stage 1: Breach the Broker or Carrier
Attackers first compromise the IT infrastructure of freight brokers or carriers through standard intrusion techniques — credential stuffing using stolen logins, phishing campaigns targeting logistics employees, exploitation of vulnerabilities in freight management software, or purchasing access through initial access brokers on criminal forums.
Once inside, they can harvest:
- Load board credentials and access tokens
- Shipper contact lists and freight schedules
- Carrier MC (Motor Carrier) numbers and DOT identifiers
- Pending load listings with pickup/delivery details
Stage 2: Impersonate the Victim Company
With legitimate company identifiers and credentials in hand, attackers pose as the compromised broker or carrier on digital freight marketplaces and load boards — the online platforms where shippers post freight that needs to be moved and carriers bid to haul it.
Because they are operating with real company credentials and legitimate MC numbers, the fraudulent actors appear indistinguishable from the actual company to shippers and dispatch systems.
Stage 3: Accept Loads and Divert Freight
The fraudulent actors accept freight loads that appear to be routed to legitimate destinations. In reality, the cargo is either:
- Delivered to an unauthorized location for theft or resale
- Simply never picked up, leaving shippers with undelivered freight and no recourse
- Sold off in secondary markets before the fraud is detected
By the time a shipper or the legitimate carrier realizes something is wrong, the goods may be hundreds of miles away or already liquidated.
Why This Matters Beyond the Freight Industry
Cargo theft at this scale has ripple effects across multiple sectors:
Consumer goods: Electronics, pharmaceuticals, luxury goods, and food products are frequently targeted due to their resale value. Theft of these items feeds grey markets and in some cases funds organized crime.
Healthcare supply chains: Medical devices and pharmaceuticals are high-value cargo targets. Theft and diversion of medical goods creates patient safety risks if stolen products re-enter the supply chain without proper handling or cold chain integrity.
National security: Critical components for defense and industrial applications move through commercial freight networks. The FBI's involvement signals concern that the same techniques used for cargo theft could be applied to more sensitive freight categories.
Insurance markets: Sustained cargo theft losses are driving up freight insurance premiums across the industry, increasing costs for legitimate shippers.
Indicators of Fraud
The FBI's advisory highlights several red flags for freight industry participants:
- Brokers or carriers who are difficult to reach by phone after accepting a load
- Slight variations in company names or contact information compared to records on file
- Requests to change delivery addresses or pickup windows at short notice
- Email domains that differ slightly from the known company (homograph attacks, typosquatting)
- Carriers with newly registered MC numbers or FMCSA records that don't match their claimed experience level
- Load confirmation documents with formatting inconsistencies compared to prior communications
Recommendations for the Freight Industry
The FBI advisory includes operational guidance for transportation and logistics companies:
For brokers:
- Implement multi-factor authentication on all load board accounts and freight management systems
- Verify carrier identity through secondary channels (phone call to a known number, not one provided in the email) before confirming loads
- Monitor for account activity from unusual locations or at unusual hours
- Establish callback verification procedures for last-minute pickup or delivery changes
For carriers:
- Monitor for fraudulent use of your MC number and DOT identifier on load boards you haven't posted to
- Alert shippers immediately if you receive inquiries about loads you did not accept
- Harden access to freight management platforms with phishing-resistant MFA
For shippers:
- Develop a carrier verification checklist that includes cross-referencing FMCSA records
- Require signed proof of delivery with driver identification before releasing cargo
- Track high-value shipments with independent telematics, not just carrier-provided tracking
A Hybrid Threat Model
The FBI's framing of this as "cyber-enabled" cargo theft is significant. It describes a threat that sits at the intersection of cybercrime, fraud, and physical crime — a convergence that is increasingly common. The digital intrusion enables the fraud, and the fraud enables the physical theft.
Law enforcement traditionally separates cyber investigations from physical crime units. The FBI advisory signals a recognition that cargo theft in 2026 is fundamentally a cyber problem that manifests in the physical world, and that effective response requires coordination across both domains.
Transportation and logistics companies that have treated cybersecurity as a secondary concern behind operational efficiency now face a compelling financial argument for investment: at $725 million in annual losses and growing, the cost of a breach can far exceed the cost of prevention.