A lack of awareness continues to leave trucking companies vulnerable to cyber-enabled cargo crime, as fraudsters exploit gaps in knowledge, processes and verification across the industry.

“Be informed. Educate yourself. Ignorance is the first opportunity for exploitation,” said Shawn Rasmor, principal product manager at Truckstop,com, during a National Motor Freight Traffic Association (NMFTA) webinar on freight fraud prevention.

Rasmor and Ben Wilkens, principal cybersecurity engineer at NMFTA, said that cyber-enabled freight fraud is becoming more sophisticated, with criminals increasingly using phishing, spoofed websites and compromised systems to steal identities, divert loads and access sensitive information.

While these tactics have existed for years, the panellists said they are evolving rapidly in both scale and precision.

Rasmor said recent activity shows a clear shift toward more advanced and targeted attacks, even if a direct correlation to specific spikes is difficult to measure. He noted that fraudsters often take advantage of periods of disruption — such as economic uncertainty or rising fuel costs — to exploit carriers and brokers under pressure.

Spoofed domains

Wilkens said this pattern is consistent across industries, with fraud activity typically increasing during times of upheaval, whether tied to economic shifts, natural disasters or geopolitical events.

A growing concern is the widespread use of phishing emails, spoofed domains and fraudulent platforms designed to capture login credentials. Once obtained, those credentials can be used to impersonate legitimate carriers or brokers, access systems, and facilitate fraud.

Rasmor said criminals are also using widely available digital tools to accelerate their operations, allowing them to quickly build convincing fake websites, emails and platforms that closely resemble legitimate ones.

Programs hidden within company networks

In parallel, experts are seeing more advanced malware capable of evading traditional antivirus systems. These programs can remain hidden within company networks, enabling attackers to quietly monitor activity and target specific organizations rather than relying on mass scams.

Another emerging tactic involves disguising how attackers connect to systems. Even when companies attempt to block access from VPNs or proxy services, more sophisticated actors can mask their connection methods to appear as legitimate users, making detection significantly more difficult.

Rasmor said these developments highlight the limitations of relying solely on automated systems or basic security controls. While automation has helped improve efficiency across the industry, it has also introduced new vulnerabilities when not paired with proper verification.

Building trusted relationships

He emphasized that building trusted relationships and verifying identities remain critical safeguards, particularly as fraud schemes become harder to detect.

Wilkens said companies should ensure safeguards are built into their processes, especially for high-risk actions. Even when communications appear legitimate, additional verification steps can help prevent unauthorized activity.

Both speakers stressed that companies should shift their mindset from trying to fully prevent cyber incidents to focusing on reducing their impact.

“It’s not a question of if you’re going to be compromised, but when,” Rasmor said. “The key is minimizing the impact.”

Adding layers of authentication

That includes limiting system access, adding layers of authentication and ensuring that a single compromised account cannot expose an entire operation.

In some cases, attackers are gaining access to legitimate systems and using them to send highly convincing internal messages, making it more difficult for employees to distinguish between real and fraudulent communications.

Rasmor also cautioned against overcorrecting by blocking entire categories of technology, such as VPNs or virtual phone numbers. While these tools can be used by bad actors, they also serve legitimate business purposes, and blanket restrictions can disrupt operations.

Applying higher levels of scrutiny

Instead, a more effective approach involves applying higher levels of scrutiny to sensitive actions while maintaining flexibility for routine business activity.

Wilkens said effective security requires balancing protection with operational needs, while remaining aware that threats are constantly evolving.

Beyond technology, both experts emphasized the importance of collaboration and information sharing to address freight fraud.

Rasmor said the issue requires a coordinated, industry-wide response that includes carriers, brokers, technology providers and law enforcement. Companies are encouraged to share information about incidents and emerging tactics to help strengthen collective defenses.

Underreporting remains a challenge

Wilkens added that building relationships with law enforcement agencies before incidents occur can improve response times and outcomes when fraud does happen. Proactive engagement also helps authorities better understand the types of schemes affecting the trucking sector.

However, underreporting remains a significant challenge. Many companies choose not to disclose incidents, which limits visibility into the scale of the problem and makes it harder to secure resources or policy support.

Rasmor noted that without a clear understanding of the financial and operational impact of freight fraud, governments and regulators may struggle to respond effectively.

Education and preparedness

In the meantime, education and preparedness remain critical.

The speakers recommend that companies train employees to recognize common fraud tactics, conduct internal awareness exercises and develop clear response plans for incidents such as stolen loads or compromised systems.

Even small fleets or owner-operators should have basic procedures in place, including steps for reporting incidents and verifying identities.

Wilkens said freight fraud should not be viewed as a single-function issue. Instead, it spans cybersecurity, operations and physical security, requiring coordination across departments.

Take time to verify transactions

Fraudsters often exploit gaps between teams or processes, making it essential for organizations to take a more integrated approach.

Rasmor also highlighted the importance of developing instincts and taking time to verify transactions, particularly in high-pressure situations.

In an industry where loads can be worth hundreds of thousands of dollars, he said, taking a moment to question inconsistencies or escalate concerns can prevent costly losses.

Wilkens added that delaying a transaction or choosing a different partner is often far less expensive than dealing with the aftermath of fraud.