“We believed we were verifying properly, but this incident has led us to create additional verification measures to ensure this does not happen to us again in the future.”
That realization came after Global Protection Corp. became the victim of what the company describes as a sophisticated cyber-enabled cargo theft scheme involving compromised carrier credentials, legitimate truck drivers and a Walmart-bound shipment valued at approximately $1.7 million. The theft, which involved roughly 103,000 units of ONE Condoms and lubricant, attracted national attention because of the unusual commodity. For Ryan Findling, director of operations at Global Protection Corp., the more important story is what the company learned after the theft and how it has changed the way freight moves through its network.
How the scheme unfolded
According to Findling, the trucks were loaded on April 21, 2026. Two days later, the receiver notified Global Protection that the trucks had never arrived for their scheduled appointment. What initially appeared to be a delayed shipment quickly evolved into something much larger. The company alleges hackers sent a phishing email disguised as a broker agreement to a legitimate trucking carrier. After the carrier unknowingly downloaded malware, the attackers allegedly gained access to company credentials and internal systems, allowing them to impersonate the carrier and secure the load through a DAT listing.
The scheme did not end there. According to Findling, the hackers then assumed the role of a freight broker and hired legitimate independent truck drivers to physically move the shipment. The drivers arrived at Global Protection’s warehouse in Lynn, Massachusetts, with the correct shipment numbers and paperwork. Believing they were dealing with the legitimate carrier that had won the load, warehouse employees loaded the freight without suspicion.
While the trucks were traveling to Pennsylvania, the criminals allegedly contacted the drivers and redirected them to a warehouse in the Bronx. The drivers unloaded the freight and were paid for their services. The theft was not discovered until the Pennsylvania receiver reported that the shipment had never arrived. According to Findling, the FBI later informed Global Protection that an arrest had been made, although the bureau did not confirm whether the individual arrested was responsible for hijacking the company’s shipment. The products have not been recovered.
When trust was no longer enough
For Findling, one of the most surprising aspects of the incident was not the theft itself but how many legitimate businesses unknowingly became part of the scheme. He told FreightWaves that hackers allegedly posed as a broker to hire additional legitimate carriers and used blind shipment techniques to bypass the company’s existing security procedures. Perhaps most alarming, he said, was discovering that the carrier whose identity had allegedly been compromised never even knew it had accepted the load because evidence of the transaction had been removed from its email system.
The FBI would not confirm or deny an investigation into the Global Protection incident but said cyber-enabled cargo theft continues to be a growing threat throughout the transportation industry. In a statement to FreightWaves, the bureau said criminal actors are increasingly using GPS spoofing, business email compromise and stolen motor carrier numbers to steal freight. The FBI added that food and beverage products were the most frequently stolen commodity category in 2025, increasing 47% from the previous year, with meat and seafood products heavily represented among thefts in the northeastern United States.
What changed after the theft
The incident fundamentally changed how Global Protection approaches transportation security. According to Findling, the company has reduced its dependence on brokers and is actively building additional direct relationships with carriers to strengthen supply chain security. The company also implemented a two-step verification process for truckload shipments that requires the power unit number, driver’s name and driver’s phone number to appear on the bill of lading before freight is released.
When a truck arrives at the warehouse, employees now verify that the driver’s identity matches the bill of lading and contact the broker for a second confirmation before loading the shipment. The company also photographs the truck, the products inside the trailer and the driver’s license as part of the pickup process. Findling said Global Protection has implemented new employee training procedures, remains vigilant for suspicious activity and encourages workers to escalate concerns immediately.
The biggest change, however, may be cultural. Findling said the company intentionally slowed its shipping process after the theft because urgency is often what criminals rely on to succeed. “Since many crimes rely on your guard being let down due to a sense of urgency, we intentionally slowed down the process to ensure we are securely verifying each shipment,” he said.
The cargo involved in this theft may have attracted headlines because of the commodity, but the lessons extend far beyond a single shipment. According to the FBI, cyber-enabled cargo theft is increasing as transportation companies rely more heavily on digital communications and online load boards to move freight. For Global Protection, the experience reinforced a lesson that more companies may soon have to learn: Trust remains important, but verification has become essential.
Click here for more articles on cargo theft and freight fraud by Phillip Brink.
How hackers allegedly stole $1.7 million worth of condoms – FreightWaves
July 4 holiday period exposes supply chain vulnerabilities – FreightWaves
The post The price of trust: How a cargo theft changed one shipper appeared first on FreightWaves.
