Recently, there have been several spam emails fraudulently portraying that the emails were sent by the U.S. Department of Transportation’s (DOT) Office of the Senior Procurement Executive (OSPE) or other Departmental offices. Except in limited circumstances (i.e., task order proposal requests to vendors under existing contract awards), OSPE and DOT contracting offices do not send out email Requests for Proposal (RFP), Requests for Information (RFI), Invitations for Bid (IFB) or Notices of Funding Opportunity (NOFO). DOT uses existing, secured, Governmentwide websites, such as FedBizOpps, U.S. General Services Administration's eBuy or Grants.gov to publicize DOT contract or financial assistance opportunities.
If you receive an email from OSPE or another DOT contracting office that is not from a sender you recognize and/or does not seem legitimate to you, DO NOT click on any links or open any documents/attachments.
"Phishing" is the most common type of cyber-attack that affects organizations. Phishing attacks can take many forms, but they all share a common goal to fraudulently get individuals and business owners to share sensitive information such as login credentials, credit card information, or bank account details.
To avoid these phishing attacks, we recommend the following:
- Do not click on links or attachments from senders that you do not recognize. Be especially wary of PDF files, and .zip or other compressed or executable file types.
- Do not provide sensitive personal or company information (i.e., usernames and passwords, company financial information, etc.) over email.
- Watch for email senders that use suspicious or misleading domain names.
- Inspect URLs carefully to make sure they’re legitimate and not imposter sites.
- Do not try to open any shared document that you’re not expecting to receive.
- If you think that your username and password may have been stolen, please visit the Federal Trade Commission’s identity theft website at https://www.identitytheft.gov/ for information on how to respond, and contact your local law enforcement to report the theft.
If you are in receipt of what looks like a spam email from the Department, call our office to confirm the validity of the communication at (202) 366-4280, or via email at M61AcquisitionPolicy@dot.gov.