Online scams on the rise and targeting service members

  • Published
  • By Matthew McGovern
  • 16th Air Force
“There is the old saying ‘trust but verify,’ however, in cybersecurity the saying goes, ‘never trust always verify.’” said Special Agent Johnny Guerrero, 16th Air Force Cyber Investigation and Operations.

The internet provides a vast array of resources to millions of Americans and is a place where cyber scammers use the same resources to commit internet fraud against them. 

Guerrero works to minimize online threats to U.S. Air Force members and their families.

“The more you put online, the larger ‘digital fingerprint’ you create which makes you a bigger target and more susceptible to being targeted by a malicious actor,” said Guerrero. “They perform ‘reconnaissance’ on their victim by looking at posts to get an idea of what the potential victim is interested in such as hobbies, work, etc. This will allow them to make a more targeted attempt to social engineer or scam the victim.”

Online scammers use social media to create fake personas or hack into other user’s profiles, conning their friends or family members. Scammers adapt their methods depending on the information users share on their social media profiles. Using user-provided information, scammers place ads and take advantage of tools used by advertisers, targeting people based on personal likes, interests, age or past purchases.

“Don’t trust anyone you meet online or any suspicious phone call you receive,” said Guerrero. “Scammers are getting more sophisticated and attempt to impersonate loved ones. Reach out to other family members first to verify the information.”

According to the Federal Trade Commission the most common reported fraud loss in the first half of 2023 stemmed from social-media-attempted purchases. This accounted for 44% of all social media fraud loss reports, largely for undelivered goods, with non-arriving clothing and electronics topping the list.
The loss from social media scams topped $2.7 billion, this is a fraction since most frauds go unreported.  

Master Sgt. Joseph Witz, 16th Air Force A39 OPSEC Program Manager, knows cyber actors use social media to target military personnel for intelligence and sensitive information.

“People need to be better about protecting their information on social media; don’t comment on public postings with your birthday or family members info, other personally identifiable records, or any mission data,” said Witz. “It seems like common sense, but everyday people respond to things like this, putting their info out there for the world to see.”

Scammers also scour online dating sites for both military and civilian information. The FBI reported millions of Americans visit these websites every year hoping to find a companion. In 2022, reported losses from fraud on these sites hit a staggering $1.3 billion. The median reported loss was $4,400.

“One of the newest trends is an updated version of the ‘romance scam’ in which a victim is called by an unknown phone number hoping to get the victim to answer,” said Guerrero. “If the victim answers and begins speaking, the malicious actor will clip the victim’s voice and use AI software to replicate the victim’s voice. They then proceed to call other loved ones of the victim usually asking for money.”

Scams usually begin with what appears to be an innocent friend request followed by love bombing and then a request for money.
These fake personas use stolen photos of other people to include pictures of real military personnel.

Maj. Aaron Williams, 16th Air Force A35 senior intelligence officer, works directly with open-source reporting for malicious cyber-attacks and understands how scammers and hackers can focus on 16th Air Force members.    

“We have observed attempts to target U.S. Air Force personnel’s devices and communications by cyber actors based on how the actors attempt to access the information,” said Williams. “They want to know as much as possible about how the Air Force would employ our cyber forces to counter our activities in cyberspace.”

He said using multi-factor authentication, phishing awareness, and not re-using weak passwords has the most beneficial impact on nation state cyber activity.

“It is much easier to go after low level cyber targets that have bad hygiene then going after hardened DOD communications or networks,” he said. “Although they still go after hardened targets the attempts to do so are at much smaller scale.”

Awareness about where you leave your personnel devices during the day should be considered. It is much easier to compromise wireless devices than wired networks. When you introduce those mobile devices to wired networks it creates a brand-new entry point for cyber actors to exploit.

Scammers typically use technology to do the heavy lifting and avoid meeting in person. Instead, they’ll ask for money and give instructions on how to pay. They profess their love quickly and appeal to the emotions with stories about family emergencies, hospital bills or travel. 

 “Sadly, the reason they keep doing it is because people keep falling for scams,” said Guerrero.  “It is part of a continuous campaign to educate people on scammers to prevent future scams from occurring.”

To become more cyber resilient at home personnel should be cautious of clicking hyperlinks. Guerro also recommends installing ad blockers as browser extensions and other cookie/script blocking browser extensions.  If a link seems suspicious, do not click it.

Empowering Airmen and their families with the tools necessary to combat malicious actors will ensure a resilient Joint Force and defense ecosystem.

To learn more about how to spot, avoid and report scams, and how to recover money if you’ve paid a scammer; visit ftc.gov/scams.

If you spot a scam, report it to the FTC at ReportFraud.ftc.gov.