U.S. STRATCOM Cautions Against Phishing Scam

Officials of U.S. Strategic Command, in short STRATCOM, are reiterating caution for countering incidences of identity theft on the Internet, following the discovery of a widely spreading 'phishing' scam that's targeting service members.

Phishing, which is described as the practice of tricking people into giving away their private information like account numbers or passwords online, is usually carried out through phishing e-mails.

During May 2009 to March 2010, a number of fake e-mails were delivered into the inboxes of financial clients belonging to Navy Federal Credit Union and USAA, said STRATCOM officials via one recently published news report. Standard.net reported this on May 13, 2010.

Apparently coming from the credit union and USAA, these e-mails direct recipients that they've to confirm or send pieces of personal information. The information include account numbers, name and position, mother's maiden name, birth date, phone number and address, username and password of Internet account, Social Security number, personal identification numbers and credit card details.

Albeit official-looking headers, logos and signatures appear in the e-mails, these details are actually tactics of spear-phishing that scammers commonly use during cyber spying to deceive e-mail recipients, states the news release.

Indeed, following the attack, STRATCOM is reiterating to servicemen that authorized agencies like STRATCOM already possess their crucial information and therefore, the institution will not try to e-mail them seeking personal, sensitive information.

Worryingly, while Department of Defense (DoD) owns about 7 Million PCs along with a highly efficient Internet security system, yet incidences of phishing go on. As a result, PCs at DoD are scanned a few million times, daily.

However, because of the phishing campaign, STRATCOM has urged servicemen to continue taking precaution by doing some simple things. That is, they must examine their bank and other financial statements regularly, install up-to-date security software on their PCs, use only protected online sites to conduct purchases and safeguard all their private identification details.

Finally, those getting the phishing message have also been suggested to send it to the e-mail client's fraud/support department. That'll reportedly benefit STRATCOM to strengthen its security as well as to catch the perpetrators of the phishing scam.

Related article: U.S. Businesses Lose $712 Per Worker Due to Spam

» SPAMfighter News - 5/24/2010