Air Force government travel card contractor Citi reported to the Air Force that a bogus email designed to resemble Citiâ€™s own correspondence was being circulated in a phishing scam.
Phishing is a form of social engineering, a tactic used by cybercriminals to solicit personal information under false pretenses in order to steal money.
This particular scam e-mail appears to be an official e-credit card statement with an outstanding balance, and instructs users to click on a link to view their online statement. The â€œspoofedâ€ links in the message, camouflaged to look like links to Citiâ€™s actual website, instead take users to a web page that installs a virus.
Rachel Whitfield, 99th Communications Squadron alternate information assurance manager, said attacks, like the one that looks like a message from Citi, are constantly evolving, using new approaches to trick users into visiting malicious sites to give up their personal information.
â€œIdentity theft is still big and itâ€™s still ongoing,â€ she said. â€œI donâ€™t think thereâ€™s anything worse than losing your identity.â€
To prevent attacks, users should be cautious about accepting e-mails, and donâ€™t open emails that come from an unknown sender.
â€œIf you donâ€™t know who it is, delete,â€ she said.
Microsoft Outlook users also should turn off their reading pane to prevent the inadvertent activation of malicious logic or any kind of virus.
â€œWhat happens is, when youâ€™re in the reading pane the e-mail is already opened when you click on the subject line,â€ Whitfield said.
If unsure, installation users should reach out to their unit information assurance officer.
Whitfield said that the bottom line is phishing scams and other evolving threats appear on a steady basis.
â€œTheyâ€™re still constantly out there and everybody needs to be aware,â€ she said.
For more information, contact your unit information assurance officer or the installation information assurance office at (702) 652-7039/8773.