We are connected digitally now more than ever, and with this comes navigating unique vulnerabilities to evolving threats. Threats can include targeted phishing, social engineering, account takeover, malware, fraud, and more. The military is no different and has become a specific target in recent years. When it comes to military scams, threat actors work diligently to impersonate military-specific financial institutions and adopt the language that appeals to military members.
As we engage more deeply with social media and digital platforms, we must contend with a multitude of information security risks intertwined in the posts, shares, and pins. This post will define the threat landscape unique to our military, review a few reasons why service members are targeted, and touch on some of the top military scams to watch for.
Defining the Military Scam Threat Landscape
Our military, veterans, and their families take on distinct hardships and sacrifices when they choose to serve. Although scams targeting our military shouldn’t be one of the concerns on their radar, the FTC’s Consumer Sentinel Network tells a different story.
The number of identity theft reports from service members is much higher when compared to non-military consumers. Over the past five years, the FTC received nearly 700,000 consumer reports from service members, including veterans, active duty, reservists, and their families. Total losses tally up to $420.5M, with roughly 300,000 of these reports being fraud-related.
This is just a slice of the data, considering how many incidents were left unreported and that we are only seeing statistics up until December of 2020. It’s a safe bet these numbers have grown and continue to grow as threat actors evolve their tactics.
The bigger question remains, though: why would cyber criminals choose to target the military specifically? There are a few reasons that began to surface as far back as 2016 when the ZeroFOX threat research team did some digging (you can read the full report here to see how these trends carry over into today’s threat landscape):
- Military-specific financial institutions tend to allow faster processing and more extensive withdrawals as a convenience to their overseas customers. When a threat actor obtains sensitive personal information, such as account numbers, email addresses, usernames and passwords, or other banking credentials from a military member, they can withdraw more money before the bank’s anti-fraud detection freezes the account. This makes members of the military among the most lucrative targets.
- There are scores of military-specific institutions and financial vehicles. When a phishing attack successfully impersonates one of these entities, a service member is more trusting and apt to follow through with requested actions. Because the financial institutions themselves serve that population specifically, cyber criminals can easily take advantage of this pre-segmented, trusted relationship.
- Military scams exploit the distance between family and other financial supporters of military members. Members of the military are perhaps the most familiar with cash transfers because of their need to send money overseas. Receiving military-specific financial offers and benefits has also become the norm for this targeted segment. These elements play off a sense of underlying trust already established; they create the perfect formula for a cyber attack or phishing attempt when combined.
- Social media scams are on the rise, and the military has become a prime target as a strong community on these platforms. In fact, you may be familiar with the 2019 Facebook ad, “highlighting how the social media platform is helping military families come together through thick and thin.” Hashtags alone (#military, #militarylife, #veteransusa, #patriot, and more) are social media tools readily exploitable for a threat actor. Simply appending these hashtags ensures military scams reach the large military community, establish a sense of trust, and aid in phishing attacks. ZeroFOX hosted a webinar with CEO James Foster and author Peter Singer on his book Like War: The Weaponization of Social Media that outlines a paradigm for understanding and defending against our connected world’s unprecedented threats.
Top Three Military Scams
The first step in protection against cyber attacks is awareness. Stay up to date on the latest scams and tactics by following the many accredited resources available specifically for service members: Military Consumer site, FTC Identity Theft dedicated reporting and remediation site, U.S. Army Scams page, Military OneSource network, Defense Finance and Accounting Service (DFAS), to name a few. Here are the top three scams our threat research team wants you to keep an eye out for this year:
Military Romance Scams:
- This common scam may be more well known, but threat actors continue to adapt their techniques and effectively utilize this tactic regardless. Scammers use this angle in two ways. The first, a threat actor poses as a service member in online dating forums (or otherwise) looking to build a trusted relationship. Once a victim is hooked, soliciting money for various service-related needs begins, ranging from transportation costs, communication fees, medical expenses, to marriage processing fees. On the flipside, threat actors use fake dating profiles to attract service members. Again, once a scammer establishes the relationship, they will move to request funds next. In this case, it is usually under the guise of costs to travel or as a plea for financial help in a staged emergency.
Identity Theft Leading to Financial Fraud:
- Tracking your credit report is a proactive measure to ensure you are not a victim of identity theft. While this may work for most in spotting early warning signs, it can be more difficult for relocating service members. Creditors or collections may send notices to old addresses, as just one example. This mishap alone could cause significant delays when acting on identity theft. Even in the best circumstances when early warning signs are detected, recovering from identity theft can be a serious challenge with lasting impacts that can take years to untangle. The effects are far-reaching and can put a servicemember’s security clearance and even their career at risk.
Military Entity and Organization Phishing Attacks:
- Threat actors can take disseminating misinformation to a higher level, creating look-alike accounts or sites that fool viewers into thinking they are seeing the target organization’s official account. We’ve seen cyber criminals use the Military OneSource name and logo to trick service members into believing they are legitimate. In another case, we’ve seen phishing schemes where scammers pose as the DFAS, claiming account information was lost and must be reentered immediately or payments won’t be processed. Once a phishing scam is in place, it is also easy for a threat actor to send emails containing malicious links or attachments. In any case, the goal is the same: to obtain sensitive data such as Social Security numbers, bank accounts, and other personal information.
What You Can Do
There are several steadfast rules that can aid in circumventing these targeted cyber attacks. First and foremost, don’t send money or provide personal information to someone you’ve never met. Ask targeted questions and watch for inconsistent answers. Check profile photo’s using a search engine’s “search by image” feature to track if the same picture shows up with a different name. Know that DFAS and other military organizations never ask for personal financial information, account numbers, or passwords. If you think you might be a victim of fraud or identity theft, immediately contact your financial institutions and report the incident for further mitigation. They can freeze your account to curtail further damage, re-secure your account and, in some circumstances, help get some of the stolen money back.
Lastly, don’t go it alone. There are resources out there, listed throughout this post, to help you navigate this unique threat landscape. ZeroFOX is well-equipped and highly experienced in helping both individuals and organizations implement a comprehensive program to continuously monitor for information disclosure on social media channels, public websites, dark web sources, code sharing platforms, email, and other public-facing platforms. Request a demo of our Impersonation and Fake Account Detection capabilities to see how we predict and protect daily.