The Department of General Services (DGS) has been alerted to activity aimed at defrauding state of California agencies and the vendor and bidder community. These activities include but are not limited to:

  1. Issuance of fraudulent purchase orders (PO) being sent from what appears to be a legitimate DGS employee and email address.
  2. Issuance of a spoof email requesting vendors validate contact details to ensure they do not miss bidding opportunities.
  3. Emails containing a hyperlink to an unknown destination to update vendor contact information.

In light of these activities, DGS Procurement Division encourages all vendors and bidders to be diligent and exercise best practices to ensure your cyber security. If you believe you may have received a fraudulent PO, please utilize the resource below to help protect yourself from falling victim to these scams.

  • Confirming that the PO is legitimate by directly contacting the issuing department and the buyer whose name is listed on the PO. A directory for most of the state of California employees is located on the California Online Directory at https://cold.govops.ca.gov/
  • Departments are required to immediately report all purchases on California’s State Contract & Procurement Registration System (SCPRS).  The public can search for public purchasing data by going to the Cal eProcure website, under the “Get Public Information” heading and clicking on “View Past Purchases” yellow button https://caleprocure.ca.gov/pages/public-search.aspx
  • Treat links in emails as attachments: only click on them when you are expecting to see one.  Verify web addresses by using your favorite search engine, or navigate directly to a site that you have been asked to log into, and finally, type the address in longhand, ensuring that you are being sent to a legitimate site.

DGS remains committed to informing you and providing resources in order to address this issue.