USA — Officials Warn of ‘Phishing’ Scams Targeting Troops

WASHINGTON — U.S. Strate­gic Com­mand offi­cials are urg­ing renewed vig­i­lance against Inter­net-based iden­ti­ty theft after detect­ing a wide­spread “phish­ing” expe­di­tion against ser­vice­mem­bers.

Phish­ing is a term used to describe deceiv­ing peo­ple into divulging per­son­al infor­ma­tion such as pass­words or account num­bers over the Inter­net.

Begin­ning as ear­ly as May 2009 and last­ing as late as March 2010, numer­ous fraud­u­lent e‑mails were sent to finan­cial cus­tomers of USAA and Navy Fed­er­al Cred­it Union, Strat­com offi­cials said in a recent news release.

The e‑mails, which appear to orig­i­nate from USAA and the cred­it union, ask the recip­i­ent to pro­vide or ver­i­fy per­son­al infor­ma­tion such as name and rank, account num­bers, date of birth, mother’s maid­en name, address and phone num­bers, online account user name and pass­word, cred­it card num­bers, per­son­al iden­ti­fi­ca­tion num­bers for auto­mat­ed tellers, and Social Secu­ri­ty num­bers.

“While these e‑mails may appear to be legit­i­mate, it’s impor­tant to remem­ber USAA and Navy Fed­er­al Cred­it Union will nev­er ask for [per­son­al iden­ti­fi­ca­tion] or to ver­i­fy finan­cial insti­tu­tion data via e‑mail,” the Strat­com release says.

Although the e‑mails have offi­cial-look­ing logos, head­ers and sig­na­ture blocks, “these are all com­mon cyber espi­onage ’spear-phish­ing’ tac­tics used to trick recip­i­ents,” it says. USAA post­ed a notice on its web­site May 4 warn­ing of the phish­ing attempt.

Phish­ing scams can reach ser­vice­mem­bers not only through per­son­al e‑mail accounts, but also through their offi­cial e‑mail. Air Force Gen. Kevin P. Chilton, Strat­com com­man­der, told the House Armed Ser­vices Com­mit­tee in March that every com­man­der needs to focus on keep­ing net­works secure.

“It should be the focus of every com­man­der in the field, the health and sta­tus of their net­works, just as they’re focused on the health and sta­tus of their peo­ple, their tanks, their air­planes, their ships, because the net­works are so crit­i­cal,” he said. “So, chang­ing their con­duct, train­ing them and then hold­ing peo­ple account­able for their behav­ior on the net­work is impor­tant.”

The Defense Depart­ment is home to some 7 mil­lion com­put­ers and more than 15,000 local and region­al area net­works, Strat­com offi­cials said. The net­works are scanned mil­lions of times per day and probed thou­sands of times per day, with a fre­quen­cy and sophis­ti­ca­tion that is increas­ing expo­nen­tial­ly, they said. The intru­sions come from a vari­ety of sources with dif­fer­ent inten­tions, from indi­vid­ual hack­ers intent on theft and van­dal­ism, to espi­onage by for­eign gov­ern­ments and adver­saries, they said.

“This is, indeed, our big chal­lenge in U.S. Strate­gic Com­mand as we think about how we’re going to defend and secure the net­works,” they said.

Strat­com offi­cials offered these sug­ges­tions to keep your per­son­al infor­ma­tion safe:
— Always pro­tect your per­son­al iden­ti­fi­ca­tion and be cau­tious whom you pro­vide it to, espe­cial­ly by phone or Inter­net;
— Be sus­pi­cious of any unso­licit­ed e‑mail, pop-up, web­site or phone call in which you are asked to pro­vide per­son­al infor­ma­tion;
— Cross-ref­er­ence infor­ma­tion with the offi­cial sites, look­ing for the “https” secure con­nec­tion.
— Do not click on any link pro­vid­ed in a sus­pi­cious e‑mail, and take cau­tion in open­ing e‑mail attach­ments or down­load­ing files, regard­less of who sends them;
— Keep your per­son­al computer’s anti-virus, anti-spy­ware, fire­wall and oth­er secu­ri­ty soft­ware run­ning and up to date;
— Reg­u­lar­ly review your bank state­ments for sus­pi­cious activ­i­ty.

Source:
U.S. Depart­ment of Defense
Office of the Assis­tant Sec­re­tary of Defense (Pub­lic Affairs)

Team GlobDef

Team GlobDef

Seit 2001 ist GlobalDefence.net im Internet unterwegs, um mit eigenen Analysen, interessanten Kooperationen und umfassenden Informationen für einen spannenden Überblick der Weltlage zu sorgen. GlobalDefenc.net war dabei die erste deutschsprachige Internetseite, die mit dem Schwerpunkt Sicherheitspolitik außerhalb von Hochschulen oder Instituten aufgetreten ist.

Alle Beiträge ansehen von Team GlobDef →