A shipment designed to provide protection instead exposed vulnerabilities: nearly $2 million worth of condoms and lubricants never reached their Walmart destination after cybercriminals hijacked a legitimate trucking carrier, recruited unsuspecting drivers, and redirected the load to a warehouse in the Bronx, N.Y. 

Global Protection Corp., the sexual wellness manufacturer behind ONE condoms and lubricants, confirmed to trucknews.com that none of the stolen goods have been recovered so far and that the FBI investigation into the heist remains active.

“It was a shipment for Walmart, inbound to a third-party Walmart fulfillment provider,” said Ryan Findling, director of operations at Global Protection Corp.

The shipment contained 103,000 retail-ready units of ONE-branded condoms and lubricants with a total cargo value of approximately $1.7 million. The trucks were loaded on April 21 at the company’s warehouse in Lynn, Mass. Two days later, Global Protection was notified that the shipment had never arrived at its destination.

Smooth criminals

The company said the fraud began long before the load was ever booked. Criminals sent a phishing attack, disguised as a standard broker agreement, targeting a legitimate trucking company.

 “The carrier downloaded a trojan, giving the hackers access to their credentials and internal routing systems,” Findling explained.

Using the stolen credentials, the scammers allegedly impersonated the compromised carrier and successfully secured the bid through the DAT load board to move the goods to Walmart. Findling told trucknews.com that the original compromised carrier claims it never even saw the load booking, saying the attackers had filtered their email to avoid suspicion.

According to Global Protection, thieves simultaneously posed as a freight broker and hired legitimate independent truck drivers to move the shipment. The drivers arrived at the Lynn warehouse with legitimate shipment numbers and paperwork and were instructed to present themselves as part of the compromised carrier.

While warehouse staff noticed the trucks themselves did not carry the name of the carrier expected for pickup, Findling said that alone did not initially trigger alarm bells.

“Since this trucking company only has a few trucks, it’s not completely out of the norm for the trucks to arrive unbranded,” he said.

At the time, the shipment details, paperwork, and carrier credentials all appeared legitimate, and warehouse staff released the shipment. The drivers then departed toward the intended Walmart distribution facility in Pennsylvania. However, while en route, the scammers contacted the drivers and redirected them to a new location.

“The drivers arrived at a warehouse in the Bronx, unloaded the $1.7 million cargo, and were paid for their transport services by the scammers,” Findling said.

The theft was only discovered after the Pennsylvania receiver reported on April 23 that the shipment never arrived. According to Global Protection, law enforcement later used license plate reader cameras to trace the trucks’ movements from Massachusetts to New York.

“The FBI notified us that an arrest has been made, but could not confirm whether the person was the same individual that hijacked Global Protection’s shipments,” Findling said.

The aftermath

The company said the incident led to the implementation of strict new verification protocols.

The new two-step verification procedures require truck numbers, trailer numbers, driver names and phone numbers to be listed on bills of lading before arrival. Warehouse staff now have to verify driver identities directly with brokers and photograph trucks, cargo inside the trailers and drivers’ licences before releasing freight.

“Since many crimes rely on your guard being let down due to a sense of urgency, we intentionally slowed down the process to ensure we are securely verifying each shipment,” Findling said, adding the company also established direct relationships with more carriers to reduce dependence on brokers.

Global Protection has also since secured contingent cargo insurance coverage designed for shipments involving transportation intermediaries, but Findling said determining who ultimately bears responsibility for the loss remains complicated.

“This is a challenging insurance situation in [determining] who ultimately has liability. We do not know about the policy of the carriers that actually picked up the loads. Our file is claimed with our broker, and our broker is going after the carrier that was hacked. However, because that carrier didn’t actually have the load, it’s very complicated and ongoing…Because this is a cyber-enabled crime, we’re also working with our cyber insurance company to recover funds.”

Findling said the case exposed broader weaknesses across the freight ecosystem.

“There’s a critical lack of accountability in the current ecosystem,” he said. “It’s easier to prevent fraud with major carriers like FedEx due to established branding and trust, but it’s far harder with smaller, hardworking carriers,” Findling said. “This dynamic, unfortunately, drives shippers to pay premiums for larger carriers to mitigate risk, often at the expense of smaller carriers who might provide better service.”

He argued the industry needs to place greater emphasis on communication verification and identity validation, even if stronger security measures slow operations. Findling also believes that load boards and some companies may lack sufficient security protocols and technological sophistication to prevent increasingly advanced cyber-enabled fraud schemes.

A growing threat

The irony of it all is in the fact that the Global Protection theft occurred just days before the FBI issued a public warning about a steep rise in cyber-enabled cargo theft schemes.

In an April 30 advisory, the agency said cybercriminals have increasingly used phishing emails, spoofed websites and compromised carrier accounts to impersonate legitimate transportation companies and steal freight. According to the FBI, attackers typically gain access to a broker’s or carrier’s systems, use the compromised accounts to secure legitimate loads, and then recruit partially unwitting drivers to pick up and transport the cargo before redirecting it for resale. That is essentially how the Global Protection load slipped away.

The bureau said that estimated cargo theft losses in the U.S. and Canada surged to nearly $725 million last year (a 60% increase from 2024), while confirmed cargo theft incidents increased by 18%. The average value per theft rose 36% to $273,990, driven by more selective, high-value targets.

In a separate webinar on cybersecurity hosted earlier this month by CarriersEdge, Ben Wilkens, director of cybersecurity at the National Motor Freight Traffic Association, explained the rise in such sophisticated crimes by thieves figuring out that compromising email accounts and redirecting freight can be much more profitable — and much less risky — than traditional cargo theft. In many cases, the criminals never actually physically touch the freight themselves.

“They just coordinate the movement of freight from one location it was supposed to go to another one,” Wilkens said. “Sometimes the people that are engaged — the driver that is actually hauling that load — has no idea they’re hauling a load for a criminal.”

Referring to the justice system and lenient penalties for cargo theft, he further reiterated that criminals will continue to target high-value loads that are easy to get rid of because the potential rewards often outweigh the consequences.

“They’ve found a soft target,” he said. “If you steal $10 million from a bank, you’re going to get put in jail for a long time. If you steal $10 million worth of cargo, the penalties are nowhere near as severe.”