FMCSA Issues Active Phishing Alert on Fake Safety Audits

stop sign with clouds in background that says fraud alert

The Federal Motor Carrier Safety Administration (FMCSA) has issued a warning to authorized motor carriers regarding potential phishing threats. Criminals are impersonating agency auditors through fraudulent emails, attempting a “fake safety audit” by sending messages to registered entities, including motor carriers. These deceptive emails, posing as the FMCSA, inform recipients of the “need to schedule a safety audit.”

Within the email, there is a link designed to resemble a legitimate URL on the Safer website, mimicking updates to FMCSA’s MCS-150 form. However, the linked page contains entry fields soliciting a carrier’s PIN, Employer Identification Number (EIN), and Social Security number.

The FMCSA emphasizes that providing these details could grant unauthorized access to the FMCSA account, enabling malicious parties to manipulate information and engage in fraudulent freight transactions, impersonating carriers and other entities.

Despite the convincing appearance of the email as originating from the FMCSA, the agency urges caution. They have also shared an image of the problematic module on the web page linked in the email, which has been carefully crafted to appear official.

“[Official safety audit communications] typically come directly from an FMCSA dedicated mailbox, or from the entity within the State that has been assigned the responsibility to conduct the safety audit,” FMCSA said. “While these emails typically end in a .gov extension, we encourage our stakeholders and customers to verify any email or communication they feel to be suspicious with the appropriate agency or contact your FMCSA Division Office directly to clarify.”



Source: Commercial Carrier Journal