When a fake Twitter account of then-commander of U.S. Africa Command Gen. Stephen Townsend emerged last year, it prompted the command to release a warning about online scams.
Townsend, however, is by no means the only top-level leader, or service member, to have his or her online identity abused. According to some experts, scams against military personnel are actually on the rise.
In August, the cybersecurity firm ZeroFox put out its second white paper on military scams, highlighting that the threat landscape today is being shaped by the war between Russia and Ukraine, increasing economic instability, and a widening political divide.
It also highlighted that more than 700,000 consumer reports have been submitted as of June 30 by service members — active duty, reservists, veterans and their families — to the Federal Trade Commission since 2018. Losses total more than $718 million, with a median loss of $650.
“Every day across the Department of Defense information network there are 48 million e-mails processed, 174.8 billion cybersecurity events, 420 million marketing and phishing attacks, and 1.5 billion malicious cyber attacks blocked,” according to a Navy release on cybersecurity awareness.
With online scams against active and retired military personnel and their families growing at an exponential rate, experts are touting some basic reminders to prevent the military community from becoming victim to such dangers.
According to Brian Kime, vice president of intelligence at ZeroFox, one of the largest methods of extortion used against the military are romance scams — when a criminal adopts a fake online identity, often posing as military personnel themselves, to build an illusion of affection and trust before exploiting their victim.
This catfishing behavior reportedly works well because the military uniform is seen as an emblem of trust. Additionally, because of the nature of their work, service members are often familiar with cash transfers.
Kime, who has spent the last 20 years in the U.S. Army Reserve in intelligence and innovation units and deployed once to Afghanistan, also shared that crypto and investment hoaxes have picked up during the pandemic.
Over the summer, during a House Committee on Oversight and Reform subcommittee hearing, lawmakers discussed the increase in financial scams targeting the military community.
“It is especially shameful that the scammers would prey upon their target’s sense of duty and patriotism toward their fellow service members and veterans in order exploit them,” Rep. Stephen Lynch (D-Mass.) said in his opening remarks.
During the hearing, Malini Mithal, an FTC official, said that the top complaints for military consumers ranged from identity theft and imposter scams to fraudulent business opportunities and bogus investment schemes.
Knowing these incidents are on the rise, Kime pointed to a few basic ways in which the military community can better protect itself online.
For one, he shared that service members should not make their official military portrait their profile photo on social media sites like LinkedIn. If troops do post a photo of themselves in uniform, he added that they should be aware of the platform’s privacy controls so they understand who has access to said images.
Additionally, by keeping contact information hidden, using unique passwords and signing up for multifactor authentication, service members will be less likely to have their identity and information stolen.
With more and more people now connecting digitally, the Army’s Criminal Investigation Division is also highlighting common red flags and offering insight into how troops should respond if they are scammed.
“If you have fallen victim to a [c]onfidence/[r]omance scam, don’t send the cyber-criminal money, and report the offending account to the social media platform,” Special Agent Deric Palmer said earlier this year in an Army release. He added that one should contact local law enforcement, as well as the local CID office to submit a tip, if money was provided to a scammer.
All of the advice of course comes against the backdrop of the Department of Defense’s very first social media guidance, released in August, which pushes for stricter management of official department accounts.
“It’s a good first step,” Kime said of the policy, but “it has some pretty significant gaps,” including dissuading the creation of an official account for each unit, which he argues should be done to stop fake accounts from spawning.
Kime also said that he believes reform is needed to update a related policy, which offers online protection for a designated group of high-ranking Pentagon personnel. The type of people on the list, he argues, is not comprehensive enough and should include all levels of troops who have already had or are susceptible to having their likeness abused.
Jonathan is a staff writer and editor of the Early Bird Brief newsletter for Military Times. Follow him on Twitter @lehrfeld_media