Two semi-trucks carrying more than $1 million worth of Santo Tequila, the brand co-founded by Guy Fieri and Sammy Hagar, vanished somewhere between Texas and Pennsylvania. There were no guns, no masks, no high-speed chase, just fake companies, spoofed GPS signals and forged documents. The thieves never even lifted a finger except for typing on their keyboards.
This isn't an isolated incident; it's part of a surge in cargo theft driven by digital deception over the past several years. Today's modern supply chain criminals operate more like tech startups than highway bandits, using data, digital platforms and social engineering to infiltrate vendor networks and hijack shipments worth millions.
Traditional vendor vetting methods, like checking business licenses or calling references, can't keep up with this type of deception.
An Alarming Trend
In June 2025, according to the National Insurance Crime Bureau (NICB), cargo theft in the U.S. was up 27% from the previous year and is expected to continue rising. Technology has enabled supply chain criminals to bid on contracts online, clone vendor identities and reroute shipments globally.
This is the new reality as transnational organized crime, cartels and even state actors are converging their tactics. As the afore-referenced tequila theft illustrates, with such high-level entity involvement, commercial industrial operations now face the same type of threats once reserved for wartime scenarios.
Vendors are a critical part of the cargo supply chain, providing essential goods, services and logistics support that keep operations running smoothly. Traditional vendor due diligence methods rely heavily on manual, point-in-time processes that lack depth and ongoing visibility.
These include verifying business licenses to confirm legitimacy, conducting reference calls to validate reputation and reliability (which also can be fabricated) and performing basic background checks on company owners or key executives. Such methods provide only a snapshot of a vendor's standing at any given moment and can miss emerging risks between review cycles.
Data management in these processes is typically handled through manual spreadsheet tracking, which makes it challenging to maintain consistency, detect anomalies or scale across large supplier networks. As a result, organizations often have blind spots in areas such as ownership changes, financial instability or regulatory red flags that arise after the initial assessment, leaving them vulnerable.
Even organizations that have digitized their vendor processes remain at risk if they lack continuous monitoring. Today's criminals can produce convincing, AI-assisted credentials that are difficult to detect, while static checks fail to capture emerging and real-time issues of concern or suspect behavior. Hidden networks connecting entities, brokers and logistics partners remain invisible and automated transactions can often escape human oversight.
How Not to Be a Target
Criminals assess targets for ease of access. The goal should be to ensure your organization presents a harder target than your competitors. Sophisticated schemes such as the Guy Fieri and Sammy Hagar tequila heist demonstrate how bad actors continuously scan for vulnerabilities in logistics and supply chains, specifically targeting companies with inadequate due diligence frameworks.
The million-dollar tequila theft wasn't a failure of logistics. The perpetrators exploited a fundamental weakness: reliance on reactive measures rather than proactive risk mitigation.
Strategic improvements in vendor screening and continuous monitoring can effectively redirect threats elsewhere. By implementing enhanced due diligence that moves beyond traditional compliance, such as incorporating automated risk assessment, real-time threat intelligence and continuous vendor monitoring, organizations position themselves as significantly more difficult targets.
One powerful tool at the forefront of this shift is open-source intelligence (OSINT). By leveraging publicly available data, OSINT provides unparalleled visibility into potential disruptions, adversarial actions and hidden vulnerabilities that traditional due diligence processes simply cannot detect.
OSINT enables organizations to detect and mitigate risks in real time by aggregating and analyzing huge volumes of publicly available data at a faster-than-human pace. Here's how it works in practice:
- Monitoring real-time disruptions: OSINT platforms can identify emerging threats, for example, detecting posts on forums or social media where criminals discuss targeting specific shipping routes, warehouses or ports, providing early warnings to stakeholders before they impact operations.
- Tracking vendor ecosystems: By illuminating the web of relationships between vendors, OSINT helps identify vulnerabilities, including connections to adversarial entities or non-compliant suppliers. In the tequila heist case, this capability would have revealed the fraudulent logistics company masquerading as a legitimate vendor.
- Exposing illicit networks: From shadow fleets to counterfeit goods, OSINT uncovers hidden activities, such as fake company identities, forged shipping documents and spoofed GPS signals to intercept or redirect shipments, that undermine global trade norms. These are the sophisticated criminal networks that exploit gaps in traditional vetting processes.
What Can Happen in an Instant Can Inflict Long-Term Damage
Effectively protecting the modern supply chain requires continuous intelligence. Every vendor relationship must be treated as a living risk ecosystem, monitored for change and deception. The cost of inaction is measured not just in lost shipments but in lost trust and even lost business.
Cargo theft and supply chain breaches extend far beyond financial loss -- they undermine trust and credibility across the logistics ecosystem. Exposes systemic weaknesses and can inflict long-term reputational damage, which could be difficult to rebuild. Such reputational harm often translates directly into lost business, as customers shift to competitors they perceive as more secure, making brand protection as critical as asset security.
What's needed now are AI-driven vendor risk intelligence platforms to expose fake vendors, detect fraudulent planning and subtle behavioral shifts and uncover hidden networks before fraudsters can strike.
The time is now to fundamentally rethink supply chain vendor vetting strategies; AI-driven vendor risk intelligence platforms ensure 24/7 protection, with the means to expose fake vendors, detect suspect behavior and uncover hidden networks before fraudsters can strike.
Jessica Lewis McFate is Sr. Director of Intelligence Solutions at Babel Street and a career intelligence professional, specializing in OSINT for national security.
She has authored over 50 publications, briefed top U.S. government agencies, appeared in print and broadcast media and testified before Congress. A West Point graduate, she served as a U.S. Army officer with 34 months in country deployment in Iraq and Afghanistan supporting signals intelligence, human intelligence and counter-corruption roles.
