WASHINGTON — The Federal Motor Carrier Safety Administration (FMCSA) has identified a new, aggressive phishing campaign in which motor carriers receive emails falsely claiming to be from U.S. Department of Transportation (USDOT) or FMCSA officials.
“These emails often contain professional-looking documents and legitimate-looking links, but they are fake and designed to steal sensitive information or demand illegal payments,” FMCSA said.
What You Need to Know
- These emails DO NOT come from USDOT or FMCSA.
- Official FMCSA correspondence almost always uses an email address ending in .gov. In special circumstances, such as customer satisfaction surveys after contacting the FMCSA Contact Center, emails may come from a non-.gov address. These surveys request feedback only and will not ask for personal, payment, or account information.
- Links in phishing emails typically lead to suspicious, non-.gov domains (for example, fmcsa.web.saferwebdattaconnect.pro).
- FMCSA will never request payment or sensitive information (like UCR, PIN, SSN, EIN, or bank details) through unsolicited messages.
- If you have any doubts, avoid clicking links and verify all communications directly through official FMCSA channels, including contacting the FMCSA Call Center here or call 1-800-832-5660.
Would an Email from FMCSA Ever Come from a Non-.gov Address
“In almost all cases, FMCSA and official USDOT communications come from .gov email addresses,” FMCSA said. “In special circumstances—such as customer satisfaction surveys following Contact Center interactions—emails may come from a non-.gov address; these will request feedback only and will not ask for sensitive information. Always verify unexpected emails if unsure.”
How to Verify an official FMCSA site
“FMCSA websites end with .gov (e.g., www.fmcsa.dot.gov ),” FMSCA said. “Always double-check the domain before providing any information. Hover over links to confirm the actual URL before clicking.”
What Information will FMCSA Never Ask for by Email or Phone
“FMCSA will never request Social Security numbers, bank account details or credit card information via unsolicited emails or phone calls,” FMCSA said. “If sensitive information is required, you should initiate contact through official FMCSA phone numbers or web portals.”
Are there Actions the Customer Must Initiate
“Yes,” FMCSA said. “FMCSA will never initiate contact that requires immediate submission of payments or sensitive information. Routine updates and renewals are always user-initiated through official FMCSA websites or portals.”
What to Do if You Receive a Suspicious Email
- Do not click on links or open attachments.
- Do not reply to the sender.
- File a complaint with the FBI through their IC3 site here.
- Report suspicious emails to the FMCSA Contact Center here or call 1-800-832-5660.
- Visit the Federal Trade Commission site here for more on phishing and email verification.
- Stay alert—your attention and caution help protect your business and industry partners from cyber threats.
For more information, visit the FMCSA website or contact FMCSA directly through the agency’s Call Center at 1-800-832-5660.
Dana Guthrie is an award-winning journalist who has been featured in multiple newspapers, books and magazines across the globe. She is currently based in the Atlanta, Georgia, area.
