NAPLES, Italy (NNS) — The Department of Defense is actively trying to decrease the number of phishing or spear phishing email attempts.
Spear phishing is a targeted attempt to gather sensitive information, such as passwords and credit card information, by pretending to be an official source in an email or similar electronic means.
The DoD has taken several steps including increased security presence at the enterprise email gateways, traffic coming in from or going to non-DoD locations is filtered through the email gateways. This helps to prevent unauthorized DoD information from making it out or a malicious email from getting in. For example, a form containing a social security number sent via unencrypted email would be blocked at the email gateways.
The majority of these are blocked before ever reaching someone's inbox, however, some phishing or spear phishing attempts may eventually make it to a person's email account. There are several ways to help safeguard against these.
"I think the primary lesson all newcomers and family members should understand is the fact that regardless of their age, pay grade, or status, everyone has something of value which can be exploited," said Terrance Winn, cyber security specialist at NSA Naples. "If we look at many of the successful phishing and spear phishing campaigns over the past five-plus years, the adversary is preying on some of our fears. Many times the phishing or spear phishing email contains information about an account they may have which has been locked out or disabled and asks us to click a link to reactivate the account. When it comes to anything which affects our pay, we are quick to click on a link to fix whatever the purported issue is."
The adversary doesn't have to be a computer expert or have advanced hacking skills; all they need is the basic ability to send an email with an embedded attachment or hyperlink which appears to be from a legitimate site. Winn advises that everyone have at least one throw-away email address in addition to their normal address.
"When registering on the plethora of websites, it is recommended to use the throw-away email address, this way if the organization sells their information or has it stolen, their normal email address will not be flooded," Winn added. "Avoid using .mil addresses on commercially available websites. If registering with a .mil email address, it must be a .mil website. This will help to eliminate the threat of spam reaching their government mail account."
A few months ago the department moved to restrict the ability of sending hyperlinks via email. The formatting was removed so only the text remains. This prevents a malicious website from being hidden inside a legitimate hyperlink. The use of embedded hyperlinks is still problematic for home users, though so pay attention.
Continue looking for emails containing attachments to be digitally signed. If you receive an email with an attachment but no digital signature and do not know the individual, it is best to delete without opening. Additionally, do not open any emails from unknown individuals, both at work and home.
Ensure you are using a "clean system" by installing or updating antivirus applications and signature files along with operating system and application patch updates.
Ensure you are using good passwords at home, use different passwords for each account, make passwords difficult to crack, do not use names or words that can be found in any dictionary (including foreign languages), do not use keyboard patterns, etc.
While the DoD has invested heavily in protection capabilities to prevent unsolicited emails from reaching an email inbox, they still manage to get through occasionally. This is where the role as a protector/defender comes into play and you get to decide whether the bait is taken or prevented. This makes you the single most important link in the cyber chain ... the "cyber defender."
For more news from Naval Support Activity Naples, visit www.navy.mil/local/nsanaples/.