The Connecticut Department of Administrative Services (DAS) is committed to protecting our supplier community and maintaining the integrity of the State’s procurement processes. Businesses working with government agencies may be targeted by phishing attempts and other fraudulent communications. This page provides guidance to help suppliers identify potential scams and understand how DAS officially communicates.
How DAS Communicates with Suppliers
To help you verify legitimate communications, please note:
- Official DAS emails are sent only from addresses ending in @ct.gov
- DAS does not send unsolicited business proposals for review or signature via email or third-party digital signature platforms
- Procurement opportunities are posted through official State of Connecticut procurement systems and platforms, not distributed randomly via email
- DAS communications will typically reference specific contracts, solicitations, or supplier relationships
- If you receive a message that does not align with the above, treat it with caution.
Common Scam Types
Suppliers have reported the following types of fraudulent activity:
- Impersonation of DAS Leadership
- Fraudsters may pose as DAS Commissioner Michelle Gilman or other high-ranking DAS officials, often requesting that you review or sign documents, or provide personal or business information.
- If this type of request is unexpected or unsolicited, it is fraudulent.
- Fake “Digital Signature Requests”
- Messages asking you to review or sign a “business proposal” or “project document”
- These often also impersonate DAS leadership.
- Fraudulent Procurement Opportunities
- Unsolicited offers that do not appear on official State platforms
Red Flags to Watch For
Be cautious of messages that include:
- Email addresses that do not end in @ct.gov or contain misspellings or unusual domains
- Messages claiming to be from DAS leadership but sent from non-official email accounts
- Unexpected requests to review, sign, or download documents
- Requests for sensitive personal, financial, or business information
- Generic or vague language with no reference to a specific contract or solicitation
- Urgent or time-sensitive language pressuring immediate action
- Links or attachments from unknown or unverified sources
What You Should Do
If you receive a suspicious message:
- Do not click on any links or open attachments
- Do not provide personal, financial, or business information
- Report the message as phishing to your organization’s IT department
- Delete the message after reporting
If You Are Unsure
If you are uncertain whether a communication is legitimate:
- Do not respond directly to the message
- Verify through official DAS channels such as the DAS website or known procurement contacts
- Reference active opportunities only through official State systems
Our Commitment
DAS actively monitors reports of fraudulent activity and works to protect suppliers and partners across the State of Connecticut. We encourage all suppliers to remain vigilant and report suspicious communications promptly.
