A new form of cyber-enabled crime is emerging across global logistics networks — one where hackers and organized crime groups work hand-in-hand to steal entire truckloads of valuable goods. According to cybersecurity firm Proofpoint, cybercriminals have begun collaborating with real-world gangs to combine their digital and physical expertise, creating an unprecedented threat to the freight and logistics industry.
The scheme starts online. Hackers target transport brokers, freight forwarders, and logistics companies using phishing emails loaded with malicious links. Once a user clicks, malware installs remote monitoring and management (RMM) tools such as ScreenConnect, PDQ Connect, SimpleHelp, Fleetdeck, LogMeIn Resolve, or N-able. These tools are legitimate software often trusted in business environments, which makes them ideal “Trojan horses” for attackers. By blending into normal operations, they bypass antivirus detection and gain deep system access.
Once inside, hackers map the victim’s network, steal credentials using utilities like WebBrowserPassView, and hijack legitimate accounts to post fake freight listings or submit fraudulent load requests. When unsuspecting carriers respond, their systems are also compromised. The attackers then impersonate brokers or dispatchers, rerouting real shipments to fake delivery points, where their criminal partners on the ground seize the cargo. The stolen goods — often electronics, food, and beverages — are quickly resold online or smuggled abroad.
Proofpoint’s researchers report that this cyber-physical collaboration has been active since January 2025, with dozens of separate campaigns targeting freight companies worldwide. Some operations involved just a handful of phishing emails, while others delivered over a thousand messages in one wave. The campaign’s victims range from small independent carriers to major logistics firms.
The financial impact is staggering. According to the U.S. National Insurance Crime Bureau (NICB), cargo theft increased by 27% in 2024 and is projected to rise another 22% in 2025, reaching an estimated $34 billion in annual global losses. The most targeted regions include the U.S., Mexico, Brazil, Germany, India, Chile, and South Africa. Analysts warn that as digital logistics systems become more interconnected, they also become more vulnerable to exploitation by hybrid cybercrime networks.
To mitigate the risk, Proofpoint recommends logistics and transport companies:
- Restrict installation of unapproved RMM tools;
- Deploy network detection systems for suspicious remote connections;
- Never open .exe or .msi attachments from unknown senders;
- Provide cybersecurity awareness training to all employees handling freight bookings.
Conclusion
The line between cybercrime and traditional theft is blurring. Modern “highway robbers” no longer need guns or masks — just malware and access credentials. Proofpoint’s findings highlight how digital attacks can directly cause real-world losses, leaving warehouses empty and shipments missing. Unless companies strengthen their cyber defenses and enhance staff vigilance, these hybrid heists will continue to reshape the global logistics landscape, turning the digital highway into a dangerous place for business.
