Defense Travel System users have reported receiving a new phishing email. The email
advises the traveler that they were not paid correctly for their last TDY period.
An extract of the phishing email message reads:
Sent: Wednesday, February 28, 2018 8:48 AM
To: Traveler, Joseph CIV USARMY
How YOU can tell this is a phishing attempt.
- The correct DTS email address is: firstname.lastname@example.org (not .army)
Consider all other addresses as suspicious, especially those ending in .army or .com.
- Traveler name in the message salutation is not formatted (capitalized) properly. The name should reflect: Dear Joseph Traveler
- The link provided in the phishing message does not correspond to a DoD “secure” message server. All DoD secure servers begin with https: for any official link from DoD.
- DTS would never solicit information directly from a traveler. Should it ever occur, DTS would advise the traveler to update the user information in the DTS application versus providing an external link to update records.
- Messages from Non-DoD sources are always suspect to being fraudulent. Addressees need to ensure they know who is sending them a message.
Your defensive actions include:
• Delete the phishing email.
• DO NOT copy & paste the provided link to access the phishing site. You could compromise your personal (PII) data.
• DO NOT forward the phishing email.
For additional information on this topic, please email your concerns or questions to: email@example.com