LANGLEY AIR FORCE BASE, Va. –
A Service member receives a phone call from an unfamiliar number claiming to be an accountant with the member's bank. The unknown caller asks for the Service member's account and social security number, in order to "verify information". Unfortunately for the victim, is just one example of many phishing scams designed to retrieve individual's personal information.
Within the last few days, the U.S. Army Criminal Investigation Command has received calls regarding a new phishing scam, targeting U.S. Government Travel Card holders. Langley Air Force Base Service members are recommended not to provide personally identifiable information such as card numbers to any uncreditable source.
"Phishing scams are carried out using email, instant messaging and phone calls in order to acquire sensitive information such as passwords and credit card information," said John Swett, 633rd Communications Squadron wing information assurance manager. "These scams can be prevented by not replying or providing [personal information] to anyone."
If Service members suspect they are being targeted for a phishing scam, they need to immediately contact their information assurance officer and follow their instructions.
"PII is considered information that can be used to differentiate or trace a person's identity," said Timothy Lyon, 633rd Communications Squadron Freedom of Information Act and Privacy Act manager. "An individual's name, social security number, date of birth and other information are key PII that directly identify a single person. "
While phishing scams provide criminals access to an individual's information, PII material can also be breached by improperly transmitting emails or messages. A breach can have a significant impact to an individual or the base network system. A breach would consist of a person other than the authorized individual having access or potential access to such PII through compromise, unauthorized access or unauthorized disclosure, like sending recall rosters to a personal email from a government computer.
To avoid a breach the 633rd CS suggests using the website https://safe.amrdec.army.mil/safe/ to properly send PII. The site allows operators to encrypt the email, and it will give them a one-time password to access the email.
If a Service member is caught improperly transmitting PII via the Air Force network as of Oct. 24, 2013, the individual's AFNET account will be locked, said Lyon. The account may be unlocked when the first colonel in their chain of command confirms the person has finished all the necessary remedial training.
"Although this new policy of locking accounts may be painful, our goal is to increase awareness to all users and prevent PII breaches," said Lyon. "As we all know, PII violations create both a personal and operational risk for everyone."
From properly securing PII to avoiding phishing scams everyone has the power to keep Joint Base Langley- Eustis personnel and the base networks safe and secure.
Editor's note- Some of the information was used from a U.S. Army story published on Jan. 23, 2014, to read click the link http://www.army.mil/article/118640/CID_warns_of_Government_Travel_Card_phishing_scam/