Diesel Vortex freight and logistics phishing campaign
Campaign
Summary
Hide ▲
Show ▼
The Diesel Vortex phishing campaign is stealing freight-sector credentials across the U.S. and Europe, raising the risk of account compromise, cargo fraud, and downstream mailbox abuse. The operation has run since September 2025 and has taken 1,649 unique credentials from platforms and service providers used by freight operators. It relies on 52 domains and cloned login pages to harvest access data from logistics users.
Related Happenings
AccountDumpling Google AppSheet Facebook phishing campaign
Campaign
First: 01.05.2026 21:09
Last: 01.05.2026 21:09
Sources 1
About this happening:
A **Vietnamese-linked** operation dubbed **AccountDumpling** is using **Google AppSheet** as a phishing relay to steal **Facebook** credentials, enabling account takeover at scale...
AccountDumpling Google AppSheet Facebook phishing campaign
CampaignAbout this happening: A **Vietnamese-linked** operation dubbed **AccountDumpling** is using **Google AppSheet** as a phishing relay to steal **Facebook** credentials, enabling account takeover at scale...
Cyber-enabled cargo theft is surging across transportation and logistics in 2025
Target Trend
First: 30.04.2026 19:32
Last: 30.04.2026 19:32
Sources 1
How related:
The U.S. Federal Bureau of Investigation (FBI) warned the transportation and logistics industry of a sharp rise in cyber-enabled cargo theft, with estimated losses in the United States and Canada reaching nearly $725 million in 2025.
About this happening:
**Cyber-enabled cargo theft** is surging across **transportation and logistics**, driving nearly **$725 million** in estimated losses in the **U.S. and Canada** and materially inc...
Cyber-enabled cargo theft is surging across transportation and logistics in 2025
Target TrendHow related: The U.S. Federal Bureau of Investigation (FBI) warned the transportation and logistics industry of a sharp rise in cyber-enabled cargo theft, with estimated losses in the United States and Canada reaching nearly $725 million in 2025.
About this happening: **Cyber-enabled cargo theft** is surging across **transportation and logistics**, driving nearly **$725 million** in estimated losses in the **U.S. and Canada** and materially inc...
Triad Nexus investment scam and brand impersonation campaign targeting emerging markets
Campaign
First: 14.04.2026 15:00
Last: 14.04.2026 15:00
Sources 1
About this happening:
The **Triad Nexus** campaign is continuing to run **large-scale investment scams** and **brand impersonation**, expanding into **emerging markets** and driving higher fraud losses...
Triad Nexus investment scam and brand impersonation campaign targeting emerging markets
CampaignAbout this happening: The **Triad Nexus** campaign is continuing to run **large-scale investment scams** and **brand impersonation**, expanding into **emerging markets** and driving higher fraud losses...
Triad Nexus expands fraud ecosystem and shifts into emerging markets after 2025 US sanctions
Threat Actor Meta
First: 14.04.2026 15:00
Last: 14.04.2026 15:00
Sources 1
About this happening:
**Triad Nexus** expanded its fraud ecosystem after **US Treasury sanctions in 2025**, increasing operational scale and shifting into **emerging markets**. The network’s use of **U...
Triad Nexus expands fraud ecosystem and shifts into emerging markets after 2025 US sanctions
Threat Actor MetaAbout this happening: **Triad Nexus** expanded its fraud ecosystem after **US Treasury sanctions in 2025**, increasing operational scale and shifting into **emerging markets**. The network’s use of **U...
TikTok for Business phishing campaign using Turnstile and reverse proxy
Campaign
First: 26.03.2026 16:09
Last: 26.03.2026 16:09
Sources 1
About this happening:
A **phishing campaign** is targeting **TikTok for Business accounts** and uses **Cloudflare Turnstile** to block automated analysis before exposing a **reverse-proxy** credential-...
TikTok for Business phishing campaign using Turnstile and reverse proxy
CampaignAbout this happening: A **phishing campaign** is targeting **TikTok for Business accounts** and uses **Cloudflare Turnstile** to block automated analysis before exposing a **reverse-proxy** credential-...
Timeline
-
25.02.2026 01:57 2 articles · 3mo ago
Diesel Vortex phishing campaign against freight and logistics operators
Initial DisclosureA financially motivated group dubbed Diesel Vortex is targeting freight and logistics operators in the U.S. and Europe with phishing emails, voice phishing, and Telegram infiltration, using 52 domains and cloned login pages to steal credentials from load boards, fleet management portals, fuel card systems, and freight exchanges. The campaign has run since September 2025, has taken 1,649 unique credentials, and is associated with named victims including DAT Truckstop, TIMOCOM, Teleroute, Penske Logistics, Girteka, and Electronic Funds Source (EFS).
Show sources
- Phishing campaign targets freight and logistics orgs in the US, Europe — www.bleepingcomputer.com — 25.02.2026 01:57
- FBI links cybercriminals to sharp surge in cargo theft attacks — www.bleepingcomputer.com — 30.04.2026 19:32