FBI: Cyber-enabled cargo theft losses hit $725M as criminals hijack freight networks

The FBI is warning logistics and transportation operators that cyber-enabled cargo theft losses across the U.S. and Canada climbed roughly 60% year-over-year to nearly $725 million in 2025, with average loss per incident up 36% to $273,990 as crews focus on high-value freight. The attack pattern is consistent: phishing freight brokers and carriers with spoofed mail and lookalike domains, dropping remote monitoring tools to maintain access, then abusing trusted accounts to post fraudulent listings on digital load boards and accept real shipments under a stolen carrier identity.

Once loads are accepted, attackers reroute shipments to complicit drivers for resale and, in some cases, extort the rightful owners for the cargo’s location. Crews are also tampering with FMCSA registration and insurance records on compromised carriers, which delays detection — the legitimate broker often only learns of the breach when shipments booked in their name go missing. The Diesel Vortex group, identified earlier this year operating across 52 typosquatted domains since September 2025, is one example of the financially motivated actors working this niche.

The Bureau’s mitigations are unsurprising — MFA, out-of-band verification of shipment requests, two-channel validation of unexpected communications — but the deeper signal is that load boards and FMCSA records are now part of the attack surface, and the freight industry’s identity layer is soft enough that account takeover translates directly into physical theft.