Email this Article Email   

CHIPS Articles: WARNING DoD Travelers — DTS Phishing Attempt Reported

WARNING DoD Travelers — DTS Phishing Attempt Reported
By DTS Travel Operations, DFAS Indianapolis - March 6, 2018
Defense Travel System users have reported receiving a new phishing email. The email advises the traveler that they were not paid correctly for their last TDY period.

An extract of the phishing email message reads:

From: noreply@defensetravel.osd.army
[mailto:noreply@defensetravel.osd.army]
Sent: Wednesday, February 28, 2018 8:48 AM
To: Traveler, Joseph CIV USARMY
Subject: [Non-DoD Source] Defense Travel System
Refund Notification

Dear joseph traveler,
Due to a system error you were not paid correctly for your last temporary duty travel. We are contacting you to correct your account information.

A refund process was initiated but could not be completed due to errors in your current unit information. REF CODE: 0572
COPY AND PASTE THE LINK BELOW TO UPDATE YOUR INFORMATION:
http://defensetravel.osd.army/?720c3cee7182ee131b68eee35ef77f2995a4pjc

(Note: This link has been changed to preclude use)

After your information has been validated, you should get a refund to your bank account within 3 business days.

Thank you for your service and we apologize for any inconvenience.

Defense Travel System
Fort Belvoir, VA

How YOU can tell this is a phishing attempt.

  1. The correct DTS email address is: box-name@defensetravel.osd.mil (not .army) Consider all other addresses as suspicious, especially those ending in .army or .com.
  2. Traveler name in the message salutation is not formatted (capitalized) properly. The name should reflect: Dear Joseph Traveler
  3. The link provided in the phishing message does not correspond to a DoD “secure” message server. All DoD secure servers begin with https: for any official link from DoD.
  4. DTS would never solicit information directly from a traveler. Should it ever occur, DTS would advise the traveler to update the user information in the DTS application versus providing an external link to update records.
  5. Messages from Non-DoD sources are always suspect to being fraudulent. Addressees need to ensure they know who is sending them a message.

Your defensive actions include:

    • Delete the phishing email.
    • DO NOT copy & paste the provided link to access the phishing site. You could compromise your personal (PII) data.
    • DO NOT forward the phishing email.

    For additional information on this topic, please email your concerns or questions to: dfas.indianapolis-in.jft.mbx.in-army-dts-inquiries@mail.mil

Related CHIPS Articles
Related DON CIO News
Related DON CIO Policy

CHIPS is an official U.S. Navy website sponsored by the Department of the Navy (DON) Chief Information Officer, the Department of Defense Enterprise Software Initiative (ESI) and the DON's ESI Software Product Manager Team at Space and Naval Warfare Systems Center Pacific.

Online ISSN 2154-1779; Print ISSN 1047-9988
Hyperlink Disclaimer