AT rep advises email users to be cautious of phishing scams

By Staff Writer Dena O'Dell | 1ID | January 28, 2013

Editor's note: The Antiterrorism theme for the first quarter – January to March – is cyber threat awareness. This is the first article in a series of articles educating readers about the different methods of cyber threats and how to prevent them.

Cyber threats are everywhere. With an increase in the use of technology during the last two decades, personal information is exchanged every second over the Internet. Each piece of information creates a puzzle that, if it falls into the wrong hands, can leave a person, organization or unit vulnerable.

Phishing is one of many cyber threats. Phishing, as defined by Merriam-Webster dictionary is "a scam by which an email user is duped into revealing personal or confidential information, which the scammer can use illicitly."

When a hacker masquerades as trusted person or organization by "spoofing" email addresses or social media accounts, the hacker intends to use the collected information to conduct a "Phishing" attack. Phishing is the hacker's attempt to gain passwords and other sensitive information in an attempt to gain access to networks or user accounts, according to Pat Burch, installation antiterrorism officer, Fort Riley.

The email typically instructs the user to log in to verify information using a website link; however, the website link in the email directs the user's web browser to a fake website operated by a hacker, Burch said. The fake website looks exactly like a company's real website and requires the user to log in to the site. Any information entered by the user is then immediately delivered to a hacker, who then can use it to access the user's accounts.

"The technological advancement, which has enabled more and more individuals to connect to one another, has come with the increased risk of cyber crime and cyber attacks. Soldiers, Family Members and civilian employees need to understand the different cyber threats and tactics, techniques and procedures those cyber threats use," Burch said. "This is a key component in protecting individuals, sensitive information and Fort Riley and (Department of Defense) networks."

Some ways to determine if an email is a phishing scam include:

• Looking for a closed padlock icon in the web browser's status bar, which indicates a legitimate site.

• Unsolicited communication regarding any account a user does not have.

• Unsolicited or unexpected email attachments.

• Requests for the user to send his or her username and/or password or other personal information.

• Obvious spelling, grammar and factual errors.

• An overwhelming emphasis on urgency.

• Anything that is too good to be true.

• From addresses that don't match the reply address.

• Hyperlinked URLs with targets that don't match the linked text. For example, the text for the link may end with a .com, but when the user clicks on the link, it takes the user to a .net site.

• Hyperlinks that use shortened URLs. For example, an email containing a link for Army Knowledge Online listed as versus

• Hyperlinks with very long and complex targets, even to legitimate websites.

Users also should be aware that most official military sites will have a .mil domain; about all official government sites will have a .gov domain; and phishing emails usually don't address the recipient by name.

Users can combat phishing scams by not:

• Disclosing their personal information.

• Opening suspicious emails or email attachments; they may contain malware that will infect a computer or network.

• Clicking on suspicious links in email or popup windows.

• Doing anything the email says in the way it says to do them.

• Replying, reacting or contacting the website's support listed in the suspicious email.

Users should do their own research to determine the validity of the email; delete suspicious emails, and, if using a home computer that has been compromised by a phishing email, change passwords immediately at the real website.

If a person is using a government computer that has been compromised, he or she should contact his or her information assurance officer and the installation's Network Enterprise Center immediately.

If a computer is exposed to a phishing attack, the user compromises his or her personal and/or professional information and potentially subjects the computer to an upload of malware that could allow a hacker access to the user's home computer and/or a unit's computer network.

If a hacker has access to a user's computer, the hacker may be able to commit identity theft.

If a hacker gains access to an Army computer network, the hacker may be able to disrupt unit and command control, as well as access sensitive information that could compromise a unit's mission, including real-world schedules and movements; weapon system vulnerabilities; and upcoming missions.

"Reporting an incident is key," Burch said. "Not only should you notify your information assurance officer, but you also should notify the Fort Riley Police and the 902nd Military Police Detachment to enable a quick response.

"The reality is cyber security is a shared effort that requires everyone to be engaged to create a safe cyber environment."