MACDILL AIR FORCE BASE, Fla. – “Thank you for updating your username and password.” This was the message Brian Carson, Community Relations chief, SOCOM Communications Office, read one Saturday morning as he scanned through three emails from his bank – but there was a problem, he hadn’t updated his login information.
Carson immediately called his bank and was told someone had called, pretending to be him about an hour earlier, and answered three of the four security questions, allowing them access to his account.
“He knew my name, my kids’ names, my wife’s name, her date of birth, my date of birth … the one thing he didn’t know was the phone password,” said Carson.
In less than 10 minutes, Carson’s entire checking account had been drained of all funds by a complete stranger.
“Our personal information is at risk for loss, theft and misuse due largely to the digitization of our most personal information such as social security numbers, and other personal details such as dates and places of birth, current and former addresses, and family information … all of that gives insight to thieves who are able to create entire biographical profiles on their victims,” said Dennis Desmond, USSOCOM J3X Identity Management Branch chief.
Because of data aggregation services, social media sites, and vulnerable networks and servers, our workforce and the public are at greater risk than ever of having their identity data stolen, misused, compromised or exploited.”
The best approach, said Desmond, is to take control of your identity data, know where it is, and who has access to it. To help protect USSOCOM members and their families from identity theft and misuse, the Force and Family Readiness Program has cybersecurity workshops available which provide comprehensive information and training.
“They [J3X Identity Management Branch] put together a presentation about how to configure settings on phones to routers in your home,” said Teresa Torelli, FFRP manager.
SOCOM personnel and family members can learn more about upcoming cybersecurity training and web resources through the FFRP.
“U.S. military personnel are especially at risk from cyberattacks, phishing attempts, fraudulent emails and identity exploitation,” said Desmond. “If you suspect that you are being targeted by criminals, foreign intelligence services, or terrorists, report the information immediately to your counterintelligence and security office. Many of these preventive measures seem difficult and laborious to remember, but being the victim of identity theft or fraud, or having your information exploited by an adversary is much worse.”
The Federal Trade Commission has a lot of useful information on its website at: https://www.ftc.gov to help people prevent identity theft and provide educational material on managing your online presence.
“We have many of the FTC handouts and even a SmartBook that will help SOCOM personnel lock down their personal information and manage their online content,” added Desmond.
“Whether it’s an iPhone, iPad, Android, or whatever it is that you’re using, the SmartBook shows you how to adjust settings on there,” said Torelli. “They [IDM and OPSEC] maintain [the SmartBook] because the information changes all the time.”
One of the places the SmartBook can be found is on the USSOCOM, FFRP portal page at: https://www.socom.mil/ffrp/Pages/smartcards.aspx.
The Defense Department also has an anti-virus software license agreement with McAfee and Symantec allowing free download of the software for service members and DoD civilians to use at home. The intent is to help protect home computers, and in turn help protect government networks.
Personnel who wish to download the anti-virus software should use a Common Access Card enabled computer to access the Defense Information Systems Agency website at: www.disa.mil. A search for “Anti-Virus/Anti-Spyware Solutions” within the site will bring up links with information and instructions on downloading the software at home.
“I’ve become much more cautious, especially with the bank,” said Carson. “Now, nobody is able to get into my account without verbally giving the phone password. [The bank] sends me a text message with a specific number so I can gain access to the account, just as an additional security measure.”
”Protect yourself as much as you can and be a hard target,” said Torelli.
Identity theft is a complication you definitely want to prevent, and with these preventive measures, you can do just that.