Identity Verification

When a Carrier Sells Its Identity: The Hilder Herd Case and the Vetting Checks That Can't See It Coming

CRIM Report Team
July 6, 2026 · 6 min read
When a Carrier Sells Its Identity: The Hilder Herd Case and the Vetting Checks That Can't See It Coming

A Carrier That Looked Fine on Paper

Earlier this year, a freight broker tendered a high-value load of computer equipment to a carrier called Hilder Herd Transport. The authority was active. The insurance was current. The contact information matched what was on file. Every box on the standard vetting checklist got a checkmark. Within hours of pickup, the shipment veered off route, was transloaded to a second truck parked on a public street — an exchange captured on video — and approximately $3.5 million worth of goods disappeared.

According to a July 2026 Transport Topics investigation, the scheme began when Hilder Herd Transport sold its MC number and digital assets. The buyers used those credentials to book the load, then double-brokered it through a second MC number under their control, redirecting the shipment from Cincinnati to Anaheim, California, before the cargo vanished entirely.

The credentials were legitimate. The company behind them was not.

Why Standard Vetting Missed It

This case is a direct illustration of a gap that sits at the center of most broker vetting workflows: the checklist is built to verify static information, and the fraud was built around inheriting static information intact.

When a carrier sells its MC number and transfers control of its email, phone number, and FMCSA-registered contacts, nothing in the public record changes. The SAFER Company Snapshot still shows the same entity name and authority grant date. The L&I system still shows valid insurance filings. A callback to the listed phone number reaches the new operators, who answer as the original company. From the broker's vantage point, the carrier they vetted three months ago and the carrier on the load confirmation are indistinguishable.

This is what Transport Topics described as a core mismatch: vetting systems designed to confirm static information are being tested by fraud schemes built on rapid identity shifts. Ghost carriers do not create new companies — they inherit the digital footprint of existing ones.

For context on scale: fraud now plays a role in roughly 45% of cargo theft cases, often involving impersonation of legitimate carriers. A BSI and Munich Re Specialty report published in mid-2026 found that in the U.S., strategic theft — schemes using deception, impersonation, and identity fraud rather than physical force — represented approximately 30% of all reported cargo theft incidents in 2025, with organized-criminal-enterprise losses estimated between $3.5 billion and $10 billion annually.

The Acquisition Pipeline Behind the Fraud

The Transport Topics reporting also identified where fraud rings source their target carriers. Criminals specifically watch for carriers whose insurance coverage is within 30 to 90 days of expiration. In a prolonged freight downturn where rates are compressed and margins are thin, some small operators facing renewal costs choose to exit the business rather than pay the premium. Some accept buyouts — in some documented cases for just a few thousand dollars — transferring their authority and digital profile in the process.

Once the transfer is complete, the new operators have a carrier with a clean history, an active authority grant, established broker relationships, and working contact details. Verisk CargoNet has separately warned that many complex cargo theft schemes rely specifically on acquiring existing motor carriers with strong load histories — precisely because those carriers pass broker screening.

That acquisition pattern produces a specific and detectable signal: the carrier's authority age is real, but the underlying principal officers are new.

What Vetting Needs to Catch This

The Hilder Herd incident does not mean static checks are worthless. It means they are incomplete without identity-layer checks that look behind the credentials, not just at them. Here is what that looks like in practice:

Compare SOS officer records against the carrier's operating history. A carrier with a five-year authority grant but a principal officer who incorporated 90 days ago is not the same company it was. State secretary-of-state records show who the registered agent and officers are. When those names changed recently against a backdrop of an older MC, that mismatch is a flag.

Cross-reference phone numbers and email addresses across multiple carriers. Fraud rings running several stolen identities simultaneously often reuse contact infrastructure. A phone number or email address appearing under more than one DOT number — especially when the carriers are in different states or have different operating profiles — points to a shared control structure.

Check for prior-revoke DOT links. The operators behind ghost-carrier schemes frequently have a trail of previously revoked or voluntarily discontinued authorities. Tying the current MC to prior authorities through shared principals, addresses, or contact data can surface that history.

Audit authority-age versus operating-pattern consistency. A carrier with a three-year-old MC that has suddenly shifted commodity type, operating lanes, and average load value in the last 60 days is worth a second look. That behavioral drift — operating in regions where the carrier has no prior inspection history, quoting rates inconsistent with the fleet size on file — was visible in the Hilder Herd case but went unread.

Verify the FMCSA-listed phone number independently. Do not call the number a carrier provides on the rate confirmation. Look it up in the Company Snapshot on SAFER and call that number. If the two differ, stop the booking.

Red Flags Checklist

Before tendering any load to a carrier you have not used in the last 90 days — or any new carrier — run through these checks:

  • SOS records show new principal officers within the last 120 days against an MC number that predates them by years
  • Phone or email on the rate confirmation does not match the FMCSA-registered contact on the Company Snapshot
  • Carrier's registered address changed recently with no corresponding MCS-150 update explaining a genuine relocation
  • Same phone number or email appears under a second DOT number, particularly under a different legal name
  • Operating pattern shift: lane, commodity, or load value that doesn't match the carrier's inspection and safety history
  • Insurance renewal is approaching or was just renewed by a carrier that changed ownership — verify the named insured on the certificate matches the legal entity on file with FMCSA
  • Load board activity is brand new for a carrier with a multi-year authority — established carriers with real operations don't suddenly appear on load boards as unknown entities
  • Carrier pressures the broker to move quickly, citing urgency on both sides of the transaction

The Vetting Standard Has Moved

The industry framing of carrier vetting as a point-in-time checklist is not adequate for a fraud environment where a carrier can change ownership, operating control, and intent without any of its public-record credentials changing. The Hilder Herd case is one documented example of a pattern that is accelerating.

Brokers who rely exclusively on authority status, insurance currency, and a callback to a listed number are verifying the shell. Identity verification means confirming who actually controls that shell today — and whether the principals, contact infrastructure, and operating behavior are consistent with the carrier's history.

That is the question static checks cannot answer on their own.

Spotted fraud, or vetting a carrier?

Sign up free to report freight fraud — once filed, the whole industry sees it — and to check any carrier's reports, identity, and authority in seconds.

Get fraud-prevention insights in your inbox

New carrier-vetting and freight-fraud guides. No spam.