Fraudulent Emails Posing as USDOT and FMCSA Sent to Motor Carriers
FMCSA has identified a new, aggressive phishing campaign in which motor carriers receive emails falsely claiming to be from U.S. Department of Transportation (USDOT) or FMCSA officials. These emails often contain professional-looking documents and legitimate-looking links, but they are fake and designed to steal sensitive information or demand illegal payments.
What You Need to Know
- These emails DO NOT come from USDOT or FMCSA.
- Official FMCSA correspondence almost always uses an email address ending in .gov. In special circumstances, such as customer satisfaction surveys after contacting the FMCSA Contact Center, emails may come from a non-.gov address. These surveys request feedback only and will not ask for personal, payment, or account information.
- Links in phishing emails typically lead to suspicious, non-.gov domains (for example, fmcsa.web.saferwebdattaconnect.pro).
- FMCSA will never request payment or sensitive information (like UCR, PIN, SSN, EIN, or bank details) through unsolicited messages.
- If you have any doubts, avoid clicking links and verify all communications directly through official FMCSA channels, including contacting the FMCSA Call Center at https://ask.fmcsa.dot.gov/app/ticket or call 1-800-832-5660.
FAQs
Would an email from FMCSA ever come from a non-.gov address?
In almost all cases, FMCSA and official USDOT communications come from .gov email addresses. In special circumstances—such as customer satisfaction surveys following Contact Center interactions—emails may come from a non-.gov address; these will request feedback only and will not ask for sensitive information. Always verify unexpected emails if unsure.
How can you verify you’re on an official FMCSA site?
FMCSA websites end with .gov (e.g., www.fmcsa.dot.gov ). Always double-check the domain before providing any information. Hover over links to confirm the actual URL before clicking.
What information will FMCSA never ask for by email or phone?
FMCSA will never request Social Security numbers, bank account details, or credit card information via unsolicited emails or phone calls. If sensitive information is required, you should initiate contact through official FMCSA phone numbers or web portals.
Are there actions the customer must initiate?
Yes. FMCSA will never initiate contact that requires immediate submission of payments or sensitive information. Routine updates and renewals are always user-initiated through official FMCSA websites or portals.
What to Do if You Receive a Suspicious Email
- Do not click on links or open attachments.
- Do not reply to the sender.
- File a complaint with the FBI through their IC3 site at https://www.ic3.gov/ .
- Report suspicious emails to the FMCSA Contact Center at https://ask.fmcsa.dot.gov/app/ticket or call 1-800-832-5660.
- Visit the Federal Trade Commission site at https://consumer.ftc.gov/ for more on phishing and email verification.
Stay alert—your attention and caution help protect your business and industry partners from cyber threats.
For More Information
Visit www.fmcsa.dot.gov or contact FMCSA directly through the agency’s Call Center at 1-800-832-5660.
McCraren Compliance offers comprehensive safety training to help prevent accidents. Visit our class calendar to see how our training and consulting services can enhance your safety efforts.
Original article published by FMCSA