An official website of the United States government
A .mil website belongs to an official U.S. Department of Defense organization in the United States.
A lock (lock ) or https:// means you’ve safely connected to the .mil website. Share sensitive information only on official, secure websites.

Phishing scams on the rise

  • Published
  • By Senior Airman Samantha S. Crane
  • 375th Air Mobility Wing Public Affairs
SCOTT AIR FORCE BASE, Ill. --  Air Force officials have recently noted a rise in phishing attacks on military members and their families. With this, the 375th Communications Group explains what phishing is and how to protect against it.

"A phishing attack is an attempt to obtain personal or sensitive information from individuals via e-mail to be used adversely," said Shai'Kenya Williams-Brown, 375th Communications Squadron Network Battle Management Cyber Defense Specialist. "This includes, but isn't limited to, usernames, passwords, social security numbers and credit card information. This information is taken from individuals who trust that the requester is a legitimate representative of a company, institution or their work community."

The phishing e-mails will contain either web links or attachments. The web links will take users to malicious website that will ask and collect the personal information. These websites look official and may be exact copies of the real website. Malicious websites and attachments in the phishing e-mail, if opened, will install malicious software on your computer. The malicious software will collect information that criminals can use for identity theft.

When evaluating these e-mails, it's essential to remember that legitimate requesters never ask for personal information through e-mail or unsolicited web links. Recognizing phishing e-mails could be the difference between keeping you information safe and years of legal and financial work undoing personal damage resulting from identity theft.

"A general rule of thumb is that a legitimate information request would not seek personal identifiable information via e-mail," said Ms. Williams-Brown. "If there's an offer received that seems too good to be true, more than likely it is. Users should always remember that it only takes one person to click on a bad link, provide information or forward a phishing message to jeopardize the security of our network or their home system."

When a suspicious e-mail is received, users should report it to their Computer System Administrator for help determining next steps.

Advice to keep private information safe
- Always protect your personal identification and be cautious with whom you provide it to, especially by phone or Internet.
- Be suspicious of unsolicited e-mail, pop-up, website or phone calls in which you are asked to provide personal information.
- Consider e-mails with significant misspellings as being suspicious, foreign criminals do not typically speak English well.
- E-mails with attachments ending with .exe or .zip, especially with generic files names (ie open.zip) should be considered suspicious.