Adobe Stock

Cargo theft goes digital as fake carriers and hijacked inboxes target fleets

You can read this article in 9 minutes

Cargo theft remains one of the biggest risks in road transport, but the modus operandi is changing. Instead of breaking into trailers, criminals are increasingly using phishing, account takeovers, identity theft and carrier impersonation to take control of loads remotely. A new Geotab survey suggests, however, that many European fleet managers feel less concerned than they did a year ago — a gap that could leave companies exposed.

The text you are reading has been translated using an automatic tool, which may lead to certain inaccuracies. Thank you for your understanding.

For transport companies, cargo crime continues to threaten operational continuity. What appears to be shifting is risk perception: Geotab’s latest findings indicate that some fleets now rate the threat lower than they did previously, even as the market continues to report frequent thefts and rising losses.

A risky drop in vigilance

Geotab’s research among European fleet managers shows that a majority say they are less concerned about cargo theft than they were a year earlier. That sits uneasily alongside industry observations from recent months pointing to a high number of incidents and growing damage. The survey covered more than 3,500 fleet managers across seven European countries.

The results are striking when viewed together. While 64% of fleet managers report lower concern than a year ago, respondents also say their companies experienced an average of 34 cargo-theft-related incidents over the past 12 months.

“Cargo theft is a serious threat to supply chains, driver retention and customer trust — but many fleets seem to be letting their guard down,” Iván Lequerica from Geotab notes.

How cargo crime rewrote the rules

Not long ago, cargo theft was most often associated with a break-in at a parking area. Today, the trend is moving towards manipulation: impersonation, social engineering and exploiting gaps in systems.

Criminal groups are also more organised and increasingly avoid using force. They can take over a load using paperwork that appears legitimate at first glance, which is why traditional security measures are more likely to fall short.

For carriers, the most pressing risk now comes from digital fraud built around phishing, account takeovers, identity theft and forged documents. These tactics make it possible to take control of a transport operation without ever touching the cargo.

The technology gap that keeps being exploited

Geotab points to a mismatch between the scale of today’s threats and the safeguards many fleets use in practice. Tools such as real-time trailer monitoring, sensor-based alerts or driver identity checks are available, but adoption remains limited. The most common security measure is still cameras, cited by 27% of respondents.

Where companies lack data integration, driver verification and real-time visibility, organised groups find it easier to identify and exploit weaknesses.

False comfort: relying on insurance

The study also suggests some businesses still treat insurance as their primary line of defence. Geotab reports that 22% of respondents rely only on policies that reimburse losses after theft, rather than investing in prevention.

In Geotab’s view, that approach does not prevent supply chain disruption or protect customer relationships. Instead, it tends to spread costs across the market through higher insurance premiums and higher service prices. Over time, it does not reduce losses — it entrenches them.

The hidden cost that doesn’t show up on the invoice

Geotab stresses that cargo theft does not end with the value of the missing goods. A single incident can trigger supply chain disruption, damage customer trust and generate additional costs linked to delays, claims and rising insurance premiums. The impact is felt not only by carriers, but across the wider supply chain.

Criminals are moving faster than the sector — through process, not force

The drop in concern among carriers, despite the growing number of thefts, does not reflect an improving situation. Piotr Sobala, International Security Team Leader at Trans.eu, argues it is more likely the result of several overlapping factors that distort how risk is assessed.

“It may be a mix of factors: not keeping up with evolving, increasingly refined crime scenarios; a misleading sense of control (GPS, insurance, the belief ‘it has never happened to me’); and the constant pressure and rush in the industry. Combined with responsibility being spread across organisations, this can push the sense of threat into the background,” the expert says.

In practice, criminals are increasingly staying ahead not through force, but through process. Classic theft is giving way to fraud based on posing as legitimate companies.

“Most incidents involve impersonating real, unsuspecting businesses. Sometimes all it takes is a copy of basic documents and a fake email address that looks almost identical to the original — different by just one letter,” Sobala says.

More advanced attacks are also becoming more common, including phishing-driven email inbox takeovers. That can give criminals temporary control over a company’s communications — and even its activity on transport platforms.

Sobala confirms that over the past 12 months there has been a clear shift away from physical theft and towards digital fraud.

The target profile is changing, too. According to Sobala, electronics, home appliances, food products and photovoltaic installations remain attractive, but criminals are less focused on specific product categories than they used to be.

“In an era of impersonation and phishing, more and more often the stolen cargo is simply whatever is available and poorly protected,” the expert emphasises.

What matters is not only whether a company uses a platform, but also which verification mechanisms are in place. Solutions based on ongoing checks of carrier identity and documents — along with security standards developed with industry bodies such as TAPA — are becoming increasingly important.

Piotr Sobala also highlights the role of transport platforms:

“In my view, platforms play a dual role. On the positive side, they enable counterparty verification, build transaction and reputation histories, and — above all — analyse (or at least should analyse) data from previous incidents, which can raise security by creating new mechanisms that identify risk faster and more effectively. On the other hand, some platforms can still be used by criminals for impersonation or for creating numerous one-off, practically anonymous interactions,” he explains.

Against this backdrop, solutions that do not rely solely on user declarations, but on continuous verification, are gaining relevance. One example is Certified Carrier Exchange, a platform launched by Trans.eu in cooperation with TAPA EMEA. Access is limited to carriers with a valid TAPA TSR certificate, and the status is checked automatically against the organisation’s database. The mechanism is designed to reduce risks linked to false carrier identities and outdated documents.

Transport companies need security procedures that actually stick

A persistent issue is that many companies still operate without consistent security routines.

Contrary to popular belief, the biggest barrier is not the cost of security measures.

“Most often, the concern is that extra checks will slow the business down. Next comes a lack of awareness about the true scale of the risk, and only then an overestimation of the cost of additional safeguards. Companies often don’t have real verification processes in place, rely on actions performed by someone else, or accept too much ‘on trust’. I would add, however, that from my perspective there has been clear progress in awareness and behaviour compared with five or more years ago,” Piotr Sobala says.

At the same time, simple steps can significantly reduce exposure, even without major investment.

“Any change to the unloading location should trigger additional verification, for example by calling the company using an official number you find independently online. Careful checks of email domains matter too, as do red-flag lists for dispatchers, internal alerts about suspicious orders, and limiting the publication of sensitive data,” Sobala advises.

He also stresses the value of a systematic approach.

“The key is for every organisation in the sector to have its own verification process — even a basic one. We don’t verify only when something looks suspicious. Every order should pass a minimum control standard,” Sobala says.

In the expert’s view, digitisation itself is neither the threat nor the cure — what matters is how it is used.

Experts increasingly point out that effective protection cannot rest on GPS tracking or insurance alone. Stronger counterparty verification, secure electronic communication and tools that detect impersonation attempts are becoming essential.

“Today the main challenge isn’t a lack of methods or technology — it’s that security too rarely becomes part of the everyday workflow, our work routine. Every order should go through at least a basic verification process,” Piotr Sobala concludes.

Tags:

Also read