I. The Brutal Reality of Freight Fraud

What You're Actually Up Against

Freight fraud isn’t an abstract risk that only happens to other companies. It’s a coordinated, repeatable operation designed to exploit gaps in verification and time pressure.

This isn’t usually opportunistic, one-off activity. It’s often organized networks running fraud with clear roles and playbooks: some actors create or hijack carrier identities, others handle communications (including spoofing), and others coordinate pickups. They share information, iterate quickly, and scale what works.

Here’s what the landscape looks like right now:

Double Brokering: The #1 Threat

In a broker survey, 86% of brokers who had experienced fraud said double brokering was involved, making it one of the most frequently reported schemes.

At its simplest: a fraudster poses as a carrier, accepts your load, then immediately re-posts it on a load board at a lower rate. A legitimate carrier hauls the freight believing they’re working with a real counterparty. You pay the impostor. The real carrier never gets paid. By the time the mismatch surfaces, the fraudster is gone.

What’s changed is the sophistication. Modern double-brokering schemes often combine multiple tactics:

• Identity hijacking: using stolen carrier authority details (MC/DOT), insurance documents, and public compliance history to impersonate a legitimate carrier

• Comms deception: caller ID spoofing on outbound calls, lookalike phone numbers, and call-forwarding setups that route responses back to the fraudster

• Document cloning: forged COIs and onboarding packets that look authentic but redirect contact details to the scammer

• Coordinated pickups: a driver shows up with plausible paperwork and enough load context to clear basic questions

Industry groups have been blunt that double brokering has reached crisis levels. And the broader fraud environment still rewards speed, scale, and weak verification, which keeps this playbook in circulation.

Identity Theft Has Gone Industrial

Identity-based freight fraud has shifted from one-off scams to repeatable, high-volume operations. The pattern is consistent: steal or mimic a real carrier’s identity, move fast, and rotate before anyone can connect the dots.

A common playbook looks like this:

• Acquisition: fraudsters collect legitimate carrier details through breaches, social engineering, or by pulling public records (MC/DOT, addresses, officer names, and other registry data).

• Impersonation setup: they register lookalike domains and email addresses, use call-forwarding or caller ID spoofing, and assemble document packs that mirror real onboarding materials (including forged COIs).

• Execution: they book loads quickly across multiple brokers, often prioritizing speed and responsiveness to avoid scrutiny.

• Rotation: once a name, email, or phone number gets flagged, they abandon it and repeat the process under a new identity.

What makes this especially dangerous is the setup time. With basic tools and public information, a convincing impersonation can be created quickly, which means “catch and block” alone doesn’t scale.

Cargo Theft Is Getting Smarter

Cargo theft is getting more expensive and more targeted. Recent incident reporting shows the average value per theft has risen sharply, with many events now involving loads worth hundreds of thousands of dollars. These aren’t random grabs. Criminals increasingly select shipments based on resale value, ease of fencing, and how reliably they can exploit process gaps.

The volume of theft events has also stayed elevated into 2025.

What’s changed most is the shift toward strategic theft. Traditional theft still happens, but a growing share of incidents involve deception instead of force: fictitious pickups, identity-based schemes, and paperwork manipulation. In these cases, the freight moves because someone was convinced the wrong party was authorized, not because a lock was cut.

That makes these incidents harder to detect. Physical security helps, but it won’t stop a release built on impersonation and believable documents.

Commonly targeted categories include:

• Electronics (phones, computers, TVs)

• Food and beverages (including alcohol)

• Household goods

• Pharmaceuticals

• Copper and other metals

• Luxury goods

If you broker freight in these categories, you’re a higher-value target, and your controls need to reflect that.

"Ghost Trucks" Are Everywhere

“Ghost trucks” are paper carriers. They look like legitimate trucking companies in databases and onboarding packets, but there’s no real operation behind them.

They’re typically created by:

• Establishing carrier authority or using stolen credentials (MC/DOT details)

• Presenting insurance documentation that’s forged, expired, or mismatched to the entity actually hauling freight

• Standing up communications (email, phone, sometimes a basic website) that route back to the fraudster

• Booking loads they can’t and won’t legitimately move
  
  
  

The intent varies. Some are built to enable double brokering. Others are set up for theft (or “fictitious pickup” scenarios). Others exist to collect quick payments and disappear before anyone realizes the load never moved.

What makes these operations dangerous is that they often clear superficial checks. The authority can appear active. The paperwork can look clean at a glance. The online presence can be polished. Catching them usually requires verifying the real-world operation behind the identity, not just the identity itself.

Why "It Won't Happen to Me" Is Dangerous

Fraud rarely announces itself in a convenient way. Often, the first clear signal is the loss: a payment that can’t be recovered, an angry shipper asking how this happened, and a carrier demanding to be made whole.

It tends to hit hardest when teams rely on assumptions like:

• “We’ve been doing this for years without issues.”

• “We only work with carriers we know.”

• “We’re too small to be a target.”

• “We can spot scams quickly.”

Confidence isn’t the problem. Unverified confidence is. Fraudsters look for speed, routine, and gaps that are treated as “good enough.”

The Anatomy of a Double Brokering Scam

Understanding exactly how these scams work is the first step to stopping them. Let's walk through a sophisticated double brokering operation step by step.

Phase 1: The Setup (Days to Weeks Before)

The fraudster chooses a real carrier to impersonate, one that looks safe on paper: clean authority, solid history, and credible insurance. Call them “ABC Trucking” (fictional).

They then assemble an impersonation kit:

• Pull public registry details: MC/DOT numbers, address, and other public-facing carrier data from government and industry registries.

• Obtain insurance documentation: by requesting it under a pretext or reusing documents previously shared in the ecosystem.

• Create lookalike contact points: a similar email address and, often, a domain that’s easy to mistake at a glance.

• Set up comms deception: caller ID spoofing on outbound calls, lookalike phone numbers, and/or call-forwarding so responses route back to the fraudster (not the real carrier).

• Clone operational paperwork: rate confirmation templates and onboarding materials that match the real carrier’s formatting and language.

At the end of this phase, the fraudster doesn’t just have a name. They have a full identity that can pass surface-level checks and move quickly through a standard brokerage workflow.

Phase 2: The Hook (Day Of)

A load is posted to a load board, often in a high-demand lane with a high-value commodity. The fraudster monitors new postings and moves quickly.

Using the impersonated carrier identity, they respond with a rate that feels reasonable, communicate fast, and sound operationally sharp. The goal is to look like the easiest, lowest-friction option to book.

A surface-level check can appear clean: the authority is active, the paperwork looks legitimate, and the insurance details seem to match at a glance.

You send the rate confirmation. They return it signed. On paper, you’ve covered the load. In reality, you’ve just contracted with an impersonator.

Phase 3: The Switch (Hours After Booking)

Shortly after the load is booked, the fraudster reposts the same shipment on another load board at a lower rate. At this point, they’re effectively operating as a broker.

A legitimate carrier, “XYZ Transport” (fictional), sees the posting and books it, believing they’re working with a normal brokerage counterparty. They have no visibility into the original transaction with you.

The fraudster issues XYZ a rate confirmation under another name or entity, and XYZ dispatches a driver to pick up the load.

Phase 4: The Pickup

XYZ’s driver arrives at the shipper with a rate confirmation from the fraudster and enough load details to look legitimate. Check-in goes smoothly.

The shipper releases the freight and issues the bill of lading. From your side, the pickup looks normal: the load shows as collected, and any status updates you receive indicate everything is on track.

Phase 5: The Delivery
XYZ delivers the load to the consignee. From the shipper’s perspective, the freight arrived. From your perspective, the load looks successfully covered and completed.
You pay the fraudster $3,000 under the rate confirmation you received from “ABC Trucking” (fictional example).

Phase 6: The Disappearance
The fraudster receives the payment and goes dark, often moving on to new identities and new loads.

Phase 7: The Fallout
Weeks later (often around typical net terms), XYZ Transport contacts you demanding payment. They hauled the load and have proof of delivery, including a signed BOL. They want their $2,200.
You’re confused, because you already paid “ABC Trucking.”
XYZ has never heard of you. They booked the load through a different counterparty name (“Midwest Logistics,” another identity the fraudster used).
You contact the real ABC Trucking. They have no record of your load. Their identity was used without authorization.

The final score:

• You’re out $3,000 (paid to the fraudster)

• XYZ Transport is out $2,200 (never got paid)

• The fraudster pockets $3,000 (minus basic infrastructure costs)

• The real ABC Trucking takes reputational damage

• Your shipper is left questioning your controls
  
  
  

The freight can move from first contact to delivery in a day or two. The realization often comes later, when payment disputes surface.

Why This Is Getting Worse

Three structural forces are converging to make freight fraud easier to run and harder to catch.

1) Speed culture

Freight runs on urgency. Loads need to be covered fast. Trucks need to stay moving. Broker teams are measured on responsiveness.

That pressure creates shortcuts. When a carrier is ready “right now,” it’s tempting to rely on a quick authority check and move straight to a rate confirmation.

Fraudsters optimize for this environment. They respond instantly, remove friction, and keep you in motion. The goal is simple: get you to commit before deeper verification kicks in.

2) More transactional freight

When markets loosen, a larger portion of coverage happens through one-off transactions instead of repeat lanes with known partners. That increases exposure because:

• You are working with new counterparties more often

• There’s less shared history to lean on

• The time between “first contact” and “booked” compresses

• Rate pressure makes borderline behavior easier to rationalize

Long-term relationships and repeat carriers reduce risk. The reality is most brokerages still need some level of transactional coverage, especially during volatility.

3) Technology scales the attacker faster than the defender

The same tooling that makes brokerage more efficient also makes fraud more scalable:

• Discovery is easy (fraudsters can find freight quickly)

• Document forgery is cheap and fast

• Phone and email impersonation is accessible

• Automation and AI make outreach look more credible

• Remote workflows reduce natural “human cross-checks”

Net effect: the cost to attempt fraud keeps dropping, so the volume of attempts keeps rising.

The enforcement gap

Public reporting and oversight have repeatedly pointed out that the complaint and review process has limitations, and that guidance and controls are not consistently strong enough to ensure complaints are handled in a uniform, reliable way.

So you cannot treat enforcement as your primary line of defense. Regulations can help at the margins, but operational controls are what prevent losses day to day.

Bottom line: treat fraud prevention like a core workflow, not a reactive investigation.