Your Carrier Vetting Was Perfect. The Freight Still Got Stolen at the Dock.

A brokerage in Memphis vetted a carrier for a $220,000 electronics load. Active authority, valid insurance, Satisfactory safety rating, 8 years of operating history, 340 roadside inspections on record. The carrier was legitimate. The pickup was scheduled for 6:00 AM at a distribution center outside Nashville. At 5:15 AM, a different truck pulled up to the dock. The driver presented a BOL with the correct PO number, the correct commodity description, and the correct consignee address. The dock supervisor released the freight. By the time the real carrier's truck arrived at 6:10 AM, the load was gone. The brokerage's vetting had been flawless. The freight was still stolen.

The scammer never interacted with the broker. They didn't need to. They had the pickup details from a compromised load board posting or an intercepted rate confirmation, and they used those details to show up at the dock before the real truck and convince a shipping clerk to release the load. The broker's vetting process was irrelevant because the attack didn't target the broker. It targeted the dock.

A fictitious pickup is a cargo theft method where a scammer sends an unauthorized truck to a shipper's facility to pick up freight by presenting stolen or fabricated shipment details. It is the fastest-growing form of cargo theft in the United States, with incidents up over 40% year-over-year according to CargoNet reporting. Unlike identity-based fraud that targets the broker's vetting process, fictitious pickup bypasses broker vetting entirely by attacking the weakest link in the freight chain: the shipper's dock release procedure. Preventing it requires controls at the dock, not just controls in the brokerage office.

What Is a Fictitious Pickup?

A fictitious pickup happens when someone other than the assigned carrier sends a truck to a shipper's dock and picks up freight by presenting shipment details that match the expected load. The shipper's dock crew releases the freight believing they are loading the correct carrier.

This is different from other cargo theft methods. In-transit theft happens after the legitimate carrier picks up the load. Identity fraud (MC cloning) happens at the broker level during the booking process. A fictitious pickup happens at the shipper's physical facility, before the real carrier ever arrives, and requires no interaction with the broker at all.

The scammer doesn't need to hack anything. They don't need to clone an MC number. They don't need to talk to the broker on the phone. They need five pieces of information (facility address, reference number, commodity, consignee, and appointment time) and the ability to show up with a truck before the real carrier does. Every one of those data points is available in a standard rate confirmation or load board posting.

How a Fictitious Pickup Scam Works Step by Step

The attack follows a consistent six-step sequence that typically takes less than 24 hours from reconnaissance to theft.

1. Monitor load boards for high-value loads. The scammer watches posted loads for commodities worth stealing: electronics, pharmaceuticals, alcohol, consumer goods, and branded apparel. They note the origin facility, pickup date, and any details included in the posting. Some scammers use automated scrapers that flag loads above a certain dollar value.

1. Obtain the pickup details. The scammer gets the specific reference number, dock assignment, and appointment time. These come from one of three sources: the load board posting itself (if the broker included too much detail), a voice phishing call to the broker or shipper posing as the carrier's dispatcher asking to "confirm pickup details," or a compromised email account that received the rate confirmation.

1. Create a fake BOL. Using the shipper name, PO number, commodity description, weight, and consignee address, the scammer creates a bill of lading that matches the expected shipment. BOL templates are freely available. The document doesn't need to be perfect. It needs to contain the right reference numbers.

1. Arrive at the dock early. The scammer's truck shows up 30-90 minutes before the scheduled appointment. Early arrivals are common in freight. Dock supervisors don't treat them as suspicious. The driver presents the fake BOL, references the correct PO number, and waits. Many facilities operate on a "first truck with the right paperwork gets loaded" basis, especially during early morning shifts with high dock volume.

1. Load the freight and leave. The dock crew loads the truck because the paperwork matches. The driver signs whatever needs signing (using a fake name) and drives away. The entire dock interaction looks normal.

1. Disappear. The truck leaves the facility and the freight enters a theft network. High-value goods are moved to a warehouse, repackaged, and resold. The trailer may be abandoned. By the time the real carrier arrives and the dock says "we already loaded that order," the scammer has a 45-minute to 2-hour head start.

Why Standard Carrier Vetting Doesn't Prevent Fictitious Pickup

Carrier vetting protects against booking fraud: cloned MCs, chameleon carriers, double brokers, and uninsured operators. It does not protect against dock-level theft because the fictitious pickup scammer never enters the broker's workflow.

Consider what broker-side vetting verifies:

• The carrier's MC number is active
• Insurance is on file and current
• The safety rating is acceptable
• The carrier's identity matches FMCSA records
• The carrier's inspection history shows real operating activity

Every one of these checks could score perfectly, and a fictitious pickup still succeeds because the person stealing the freight isn't the carrier you vetted. They're a separate actor who obtained the pickup details and showed up at the dock with a truck. Your carrier is real. The thief doesn't need your carrier to be fake. They just need to get to the dock first.

This is the core insight brokers miss: fictitious pickup is a shipper vulnerability, not a broker vulnerability. The broker can't vet the truck that shows up at a dock they don't control. The prevention has to happen at the facility level, which means the broker needs to push dock-level controls to their shippers.

The Dock-Level Controls That Actually Prevent Fictitious Pickup

Preventing fictitious pickup requires verification at the point of freight release, not at the point of carrier booking. These six controls address the specific attack sequence described above.

1. Require a unique pickup number communicated only to the assigned carrier's driver. Generate a random alphanumeric code after the rate confirmation is signed and share it only with the carrier's dispatcher by phone. Do not include it in email, the rate confirmation, or any document that could be intercepted. The dock releases freight only when the driver provides this code.

1. Verify the truck's DOT number at the dock. Before loading, the dock supervisor checks the DOT number on the truck against the carrier on the broker's rate confirmation. If the DOT doesn't match the assigned carrier, the truck is not loaded. Use CarrierBrief's MC/DOT lookup, which shows the registered carrier name, authority status, and insurance for any DOT number, to verify the truck belongs to the carrier you booked.

1. Verify the driver's CDL against the carrier's dispatch confirmation. The broker should provide the shipper with the driver's name (obtained from the carrier's dispatcher after booking). The dock checks the driver's CDL name against the expected name. A mismatch triggers a hold and a call to the broker.

1. Do not release freight to early arrivals without broker confirmation. If a truck arrives outside the scheduled window, the dock contacts the broker before loading. This single rule eliminates the scammer's primary tactic of arriving before the real truck.

1. Call the broker to confirm any "truck swap" or "replacement driver" claims. Scammers who arrive and find the dock expecting a different truck will claim "the original truck broke down, dispatch sent me instead." This is sometimes true in legitimate operations, but it must be verified with a call to the broker, who then calls the carrier. Never accept a verbal explanation from the driver alone.

1. Photograph the truck, trailer, and driver's CDL before loading. Even if all checks pass, photographic documentation creates an evidence trail that aids recovery and prosecution. Most legitimate drivers have no issue with this. A driver who refuses to be photographed at the dock is a red flag.

What Brokers Should Tell Their Shippers

Most shippers don't know fictitious pickup exists. They process dozens or hundreds of pickups daily and operate on trust: if the truck has the right paperwork, it gets loaded. Changing that default requires the broker to educate the shipper and provide them with the specific verification steps.

Here's what to communicate:

The risk statement. "Cargo theft at the dock through fictitious pickup is up over 40% year-over-year. Scammers are obtaining pickup details from load board postings and showing up at facilities before the real truck arrives. We need to add a verification step to prevent this."

The ask. "For every load we book, we'll provide you with a unique pickup code by phone. Please do not release freight to any truck unless the driver provides this code. We'll also provide the carrier name, DOT number, and driver name in advance. If anything doesn't match, call us before loading."

The objection response. Shippers will push back on added steps because dock operations are high-volume and time-sensitive. The response: "This adds about 2 minutes per pickup. A single fictitious pickup theft costs $100,000-$300,000, creates a cargo claim, and disrupts your customer's supply chain. The 2 minutes is the cheapest insurance available."

Some shippers will implement these controls for all loads. Others will only agree for high-value commodities. At minimum, push for pickup code verification on any load worth over $100,000 and on commodities that appear on CargoNet's most-stolen list: electronics, pharmaceuticals, household goods, food and beverage, and apparel.

How Load Board Postings Feed Fictitious Pickup

Load boards are the primary intelligence source for fictitious pickup operations. Every detail a broker includes in a load posting becomes a tool for the scammer.

A typical load board posting contains: origin city and state, destination city and state, pickup date, commodity type, weight, trailer type, and sometimes the shipper name and specific facility address. That's most of what a scammer needs. The only missing pieces are the exact reference number and appointment time, and those can be obtained with a single phone call to the shipper's scheduling department ("Hi, I'm confirming my pickup for Thursday, can you give me the PO number and dock assignment?").

What to remove from load board postings:

• Never include the shipper's facility name or specific street address. Use city and state only.
• Never include the PO number, reference number, or appointment number in the posting.
• Never include the consignee's specific address. Use city and state only.
• Do not post the exact pickup date if possible. Use "pickup this week" or a date range.

What to provide only after carrier verification:

• Shipper facility address and dock number
• PO or reference number
• Appointment time
• Consignee's delivery address

This creates an information firewall: the load board posting gives carriers enough information to quote the lane, but not enough for a scammer to execute a fictitious pickup. The specific details that enable the theft are shared only after the carrier has been vetted and booked.

A Side-by-Side: What the Dock Sees in a Legitimate vs. Fictitious Pickup

Legitimate pickup:

A truck from Redline Transport (the carrier on the rate confirmation) arrives at 6:05 AM, five minutes after the scheduled appointment. The driver provides his CDL (name matches the dispatch confirmation), gives the pickup code the broker shared with the carrier by phone, and presents a BOL. The DOT number on the truck matches Redline Transport. The dock loads the truck.

Fictitious pickup:

A truck with no visible DOT markings (or a magnetic DOT sign) arrives at 5:20 AM, 40 minutes early. The driver presents a BOL with the correct PO number. He says "dispatch sent me early, the other truck had a flat." He doesn't have a pickup code because the scammer never received one. His CDL name doesn't match the driver name the broker provided. But the dock supervisor is busy, the PO number matches, and the truck is loaded within 15 minutes.

The differences: early arrival, no pickup code, mismatched driver name, no verifiable DOT number. Each one is catchable if the dock has the protocol. None of them are catchable if the dock's only check is "does the PO number match."

High-Risk Commodities and Facilities

Fictitious pickup is concentrated on specific commodity types and facility profiles. Knowing which loads are most at risk allows brokers to apply enhanced controls selectively rather than adding friction to every pickup.

Highest-risk commodities (based on CargoNet data):

• Electronics and computer equipment ($1.2M+ average stolen value per incident)
• Pharmaceuticals and health products
• Food and beverage (especially alcohol)
• Consumer household goods and appliances
• Apparel and footwear (high resale value, hard to trace)

Highest-risk facility profiles:

• Large distribution centers with multiple docks and high daily volume (easier to blend in)
• Facilities with early morning or overnight pickup windows (reduced staffing, less oversight)
• Facilities near major interstate intersections (quick getaway access)
• Facilities that use "first come, first served" dock policies without appointment verification

If you're booking a $200,000 electronics load from a distribution center with 40 docks that opens at 4:00 AM near an interstate on-ramp, every control in this post should be active. That's the highest-risk scenario for fictitious pickup. If you're booking a $3,000 pallet of lumber from a small yard with two employees who know every truck that pulls in, the risk profile is different.

FAQ

What is a fictitious pickup in freight?

A fictitious pickup is a cargo theft method where a scammer sends an unauthorized truck to a shipper's dock and picks up freight by presenting stolen or fabricated shipment details (PO numbers, BOL information, and consignee addresses). The shipper's dock crew loads the freight believing they are loading the correct, broker-assigned carrier. The real carrier arrives later to find the load already gone. Fictitious pickup bypasses broker-side carrier vetting entirely because the scammer never interacts with the broker. The attack targets the shipper's dock release procedures.

How do scammers get pickup details for freight loads?

Scammers obtain pickup details from three primary sources: public load board postings that include shipper facility addresses and reference numbers, intercepted rate confirmations from compromised email accounts, and direct phone calls to the shipper's scheduling department posing as the assigned carrier's dispatcher. Load board postings are the most common source because they broadcast shipment details to anyone with a subscription. Removing specific facility addresses and reference numbers from load board postings eliminates the easiest intelligence path for scammers.

How do you prevent a fictitious pickup?

Implement a unique pickup code shared only by phone with the assigned carrier's dispatcher after booking. The dock releases freight only when the driver provides this code. Additionally, verify the truck's DOT number against the assigned carrier, check the driver's CDL name against the dispatch confirmation, and require broker confirmation before loading any truck that arrives outside the scheduled appointment window. These four dock-level controls address the specific attack sequence used in fictitious pickups.

Can a shipper be liable for releasing freight to the wrong carrier?

Yes, a shipper can bear liability for releasing freight to an unauthorized party if they failed to follow reasonable verification procedures. The specific liability depends on the shipping contract, the bill of lading terms, and whether the shipper followed the pickup instructions provided by the broker. If the broker provided a pickup code and driver name and the shipper released the freight without verifying either, the shipper may share liability for the loss. This is why brokers should document their pickup verification instructions in writing to the shipper.

Why is fictitious pickup increasing so fast?

Fictitious pickup is increasing because load board postings make pickup details freely available, the attack requires minimal technical sophistication (no hacking, no document forgery beyond a basic BOL), and most shipper facilities still release freight based solely on matching a PO number with no identity verification. As carrier-level vetting has improved (making MC cloning and double brokering harder), criminals have shifted to dock-level attacks that bypass carrier vetting entirely. CargoNet reported over 40% year-over-year increase in fictitious pickup incidents.

Does insurance cover fictitious pickup losses?

Standard cargo insurance typically covers fictitious pickup losses because the freight was physically stolen, but the claim process and payout depend on the specific policy terms. Motor truck cargo insurance covers freight in the care, custody, and control of the insured carrier, but in a fictitious pickup, the freight was never in the legitimate carrier's custody. This creates a coverage gap that depends on who the policy names as the insured and whether the theft occurred before or after the carrier took possession. Brokers should verify their contingent cargo policy specifically addresses theft at the shipper's facility.

How is fictitious pickup different from identity theft or MC cloning?

Fictitious pickup and MC cloning target different points in the supply chain. MC cloning targets the broker: a scammer impersonates a legitimate carrier to win a load assignment, then steals the freight after a seemingly normal pickup. Fictitious pickup targets the shipper's dock: a scammer never contacts the broker at all, instead showing up at the facility with stolen shipment details and picking up the load before the real carrier arrives. MC cloning is defeated by carrier identity verification. Fictitious pickup is defeated by dock-level controls that verify the truck and driver before loading.

What should I do if a fictitious pickup has already happened?

Call law enforcement immediately. Time is the most valuable asset in recovering stolen freight, and every hour matters. Then take these steps: notify the shipper's security team to preserve dock camera footage, contact CargoNet or FreightWatch to activate a cargo recovery alert, file a police report in the jurisdiction where the pickup occurred, notify your insurance carrier, and document the incident including the time the unauthorized truck arrived, any identifying details from the dock crew, and the exact shipment value. Filing an FMCSA complaint is also appropriate if the unauthorized truck had any visible DOT or MC markings.

The Bottom Line

The Memphis brokerage that lost $220,000 in electronics had a perfect carrier vetting process. The carrier they booked was legitimate, rated, insured, and had 340 inspections on record. None of that mattered because the theft didn't happen in their system. It happened at a dock where a supervisor loaded a truck because the PO number matched. One pickup code, shared by phone, verified at the door. That's the control that would have kept 42,000 pounds of electronics on the right truck.