Why identity
Every modern carrier fraud you have read about in the last two years exploits the same gap: the person on the other end of an email chain pretending to be someone they aren't. Verifying the MC number is necessary. It is not sufficient. Here is how the attack actually works.
01 · The attack, step by step
fraudster
Finds a legitimate carrier with active MC authority on SAFER.
Tell: Clean DOT, matching insurance, decent fleet size. Perfect cover.
fraudster
Spoofs a dispatcher email using a free mail service and the legitimate company name.
Tell: dispatch.dot123456@gmail.com or similar — looks legitimate on an iPhone preview.
fraudster
Replies to a load posting with a competitive rate, requests rate con.
Tell: Speed is the tell — they respond fast and rarely negotiate.
broker
Runs the MC number through Carrier411 / SAFER / RMIS. Everything checks out.
Tell: Because it should — the MC belongs to a real carrier. The person contacting you just isn’t from that carrier.
fraudster
Gets the rate con, either re-posts the load to another broker (double-broker), or tenders it to a single-truck operator under instructions to drop it somewhere unexpected.
Tell: Load delivers late, to the wrong place, or not at all.
broker
Calls the real carrier to follow up. The real carrier has never heard of the load.
Tell: By this point the fraudster and the payment are gone.
02 · What we do instead
Before a broker can book a verified load, the carrier's dispatcher has to confirm a one-time passcode sent to the email address FMCSA has on file for that carrier. Not any email. That email.
The FMCSA-registered email is the only channel that connects to the actual carrier. A fraudster impersonating the company cannot receive mail at it. That means the attack in step 05 above never gets off the ground — the passcode never arrives at the fraudster's inbox, so the verification never completes.
We log the verification: timestamp, IP, device fingerprint, and the full audit trail. If the same device tries to impersonate three carriers in one week, the pattern lights up across the whole VettaVerify network. You see a verified badge; your insurance broker sees a paper trail that holds up.
This is not a captcha. This is not a phone-number challenge. It is the one credential the impersonator cannot fake: access to the mailbox the federal government has on file for the real company.
Look up any carrier on VettaVerify for free. When you're ready to book, send an identity request — and watch the dispatcher prove they're actually from that carrier.