The U.S. Federal Bureau of Investigation (FBI) warned the transportation and logistics industry of a sharp rise in cyber-enabled cargo theft, with estimated losses in the United States and Canada reaching nearly $725 million in 2025.
This represents a 60% surge in losses compared to the previous year, fueled by criminals increasingly using hacking and impersonation tactics to hijack high-value freight. Confirmed cargo theft incidents have risen 18 percent last year alone, while the average value per theft grew 36 percent to $273,990, due to more selective targeting of high-value loads.
The bureau said in a public service announcement on Wednesday that threat actors have been infiltrating the computer systems of freight brokers and carriers through spoofed emails and fake web links since at least 2024.
Once inside, criminals post fraudulent listings on online load boards (digital marketplaces used by shippers, brokers, and carriers) and impersonate legitimate companies to divert shipments.
For instance, in February, the typosquatting monitoring platform Have I Been Squatted reported that the Diesel Vortex financially motivated threat group was stealing credentials from freight and logistics operators in the U.S. and Europe in phishing attacks that had been running since September 2025 and were using 52 domains.
“The Federal Bureau of Investigation is publishing this Public Service Announcement (PSA) to warn the public of cyber threat actors increasingly using sophisticated, cyber-enabled tactics to impersonate legitimate businesses to hijack freight, steal high-value shipments, and reroute deliveries, resulting in a surge of strategic cargo theft,” the FBI warned.
“Cyber threat actors target US transportation and logistics sectors, including companies with interests in shipping, receiving, delivering, and insuring cargo.”
Attackers first compromise broker or carrier accounts by luring employees to phishing sites that install remote monitoring software, and then gain undetected access to the targeted company’s systems.
In the next stage, they post tens of thousands of fake freight listings, tricking legitimate carriers into downloading malicious files, and then accept real shipments under a stolen carrier identity. The loads are rerouted to complicit drivers, stolen for resale, and, in some cases, the criminals also demand ransoms for the location of diverted loads.
Threat actors linked to cyber-enabled cargo theft attacks will also alter the compromised carrier’s registration details with the Federal Motor Carrier Safety Administration and update insurance records, thus ensuring that legitimate companies will discover they have been hacked until brokers report missing shipments booked in their name without their knowledge.
To block cyber-enabled cargo theft attempts, the bureau urged transportation and logistics companies to verify all shipment requests through secondary channels, implement and enforce multi-factor authentication when possible, validate all unexpected communications using a two-factor authentication process, and maintain detailed records of all vehicles and drivers.
The FBI also advised victims of cyber-enabled cargo theft schemes to file a complaint with the Internet Crime Complaint Center (IC3) in addition to filing police reports for the stolen cargo.
In its 2025 Internet Crime Report, released earlier this month, the FBI said IC3 received over 1 million complaints last year, linked to nearly $21 billion in reported losses from various cyber-enabled crimes, including investment scams, tech support fraud, business email compromise, and data breaches.
AI chained four zero-days into one exploit that bypassed both renderer and OS sandboxes. A wave of new exploits is coming.
At the Autonomous Validation Summit (May 12 & 14), see how autonomous, context-rich validation finds what’s exploitable, proves controls hold, and closes the remediation loop.
