Back to Top Skip to main content

Cyber fitness, awareness key during ‘season of shopping’

Making cyber security a priority while shopping or browsing online can help you protect yourself from more than you bargained for during this ‘season of shopping.’ Making cyber security a priority while shopping or browsing online can help you protect yourself from more than you bargained for during this ‘season of shopping.’

Recommended Content:

Technology | Secure Messaging

With the holidays upon us and the season of sales and shopping nearing its height, the risk has increased for online scams and fraudulent activity targeting consumers. You can make a big difference in protecting your personal and financial information by making cybersecurity a priority.

“Everyone should be aware of scams or frauds targeting email users and shoppers,” said Servio Medina, a Branch Chief in the Cyber Security Division at the Defense Health Agency. These attempts to access your information can look like offers for Black Friday, Cyber Monday, or holiday discounts, he advised, and often seem too good to be true.

Medina warned that criminal hackers can easily spoof an email address to make it look like an offering from a trusted retailer or institution, such as a bank. “Now everything is click, click, click – but we should stop and think about what we’re clicking on before we engage, and what better time than shopping season?” he said.

Justin Hodges, chief of DHA Cyber Operations Center and director of Cybersecurity Service Provider for Space & Naval Warfare Systems, said cybercriminals may also create websites to look like they represent a charity in order to collect financial information. While some fraudulent websites can be easily identifiable, such as through a .net domain or unfamiliar email address, some more advanced websites may not be as easy to spot, he warned.

“You need to be really careful that the websites you’re going to are in fact legitimate websites,” said Hodges, who recommends browsing through a domain with “https,” which often shows a lock symbol. The “s” in the domain indicates that a website encrypts information to transit it over the internet. He also encourages consumers to research the website or company name in a search engine to see if any reviews come up.

“Scams will very often have little to no reviews on the internet, which should be a red flag,” said Hodges. By visiting a fraudulent website, shoppers run the risk of accidentally giving hackers access to their financial or other personal information, and access to computers and home files, he said.

“You don’t need to click on anything or download anything for hackers to exploit the way your browser is configured and download malicious software that gives them access to your home PC,” said Hodges. “Once financial or personal information is taken, it can be stored in data bases on the dark web and sold, making you more susceptible to security breaches in the future.”

Medina said shoppers can take some actions to help avoid a phishing attack, such as opening emails in plain text rather than html, or hovering the cursor over a hyperlink without clicking on it to check if the URL leads to a legitimate source. Additional protective steps include updating security software, using a password-protected network, and avoiding unverified public Wi-Fi when making transactions online, he said.

“A lot of people think home networks are safe compared to browsing the web while using a mobile hot spot or free Wi-Fi, but if you don’t take steps to protect your network at home, you may not be any safer at home,” said Hodges.

The Department of Homeland Security’s cyber awareness campaign, STOP.THINK.CONNECT., provides additional online safety tips, such as watching out for deals that look too good to be true, shopping through trusted retailers, and using a credit card instead of a debit card.

The National Credit Union Administration Fraud Prevention Center educates consumers on how to recognize common scams, including package delivery and gift card scams, phishing emails, charity scams, and fraudulent ads. It also offers information on the “evil twin” Wi-Fi scam, which involves a scammer putting out a Wi-Fi signal that looks just like a complimentary one available at coffee shops, airports, and hotels.

“Cyber health is important to the safety and well-being of our warfighters and their families,” said Hodges. “The more people know about cyber health, the better they can protect themselves.”

You also may be interested in...

Solution Delivery Division

Fact Sheet
12/11/2018

To deliver information technology solutions to the Military Health System through expert acquisition program management, process reengineering, information translation and sharing, training, and integration activities in order to support and advance the delivery of health care to our patients.

Recommended Content:

Technology

DHA IPM 18-018: Physical Custody and Control of the DoD Health Record

Policy

This Defense Health Agency-Interim Procedures Memorandum (DHA-IPM), based on the authority of References (a) and (b), and in accordance with the guidance of References (c) through (p): • Establishes the Defense Health Agency’s (DHA) procedures for the physical custody and control of DoD Health Records at all DoD Military Treatment Facilities (MTFs) and the management, monitoring, review, and evaluation of DoD Health Record availability at MTFs. • This DHA-IPM is effective immediately and will expire effective 12 months from the date of issue. It must be incorporated into the forthcoming DHA-Procedural Instruction, “Health Records Management”.

Army medical device cyber team balances benefits and risks of technology

Article
11/8/2018
An Army medic positions a patient for a CT scan, which helps radiologists diagnose different types of disease and injuries. Medical devices, such as radiology imaging systems, must now go through a cybersecurity validation process in order to connect to military networks (U.S. Army photo by Staff Sgt. Evelyn Chavez)

The frequency and severity of cybersecurity attacks against the medical community will continue to rise

Recommended Content:

Technology

Cyberfit Family Crossword Puzzle 2018

Publication
11/7/2018

This crossword puzzle provides tips to keep everyone in your family safe online in cyberspace

Recommended Content:

Technology

DHA IPM 18-017: Military Health System (MHS) Information Technology (IT) Investment Management Framework

Policy

This Defense Health Agency-Interim Procedures Memorandum (DHA-IPM), based on the authority of References (a) through (c), and in accordance with the guidance of References (d) through (v), establishes Defense Health Agency’s (DHA) procedures to: • Establish the overarching guidance to implement policies and procedures for managing DHA Deputy Assistant Director, Information Operations (DAD IO)/J-6 Defense Health Program (DHP) IT resources. The DHA Investment Management Framework is used as an enabler for MHS leadership to make informed transparent financial decisions associated with the DHA DAD IO/J-6 systems, services, and capabilities and will continue to be used in the foreseeable future. • Provide full and total awareness of all IT across the enterprise ensuring all MHS healthcare-related IT investments are accounted for and integrated both operationally and financially. This includes all IT systems, applications, and devices and all their funding identified to manage a coherent and integrated healthcare capability across the enterprise. • Provide and supersede guidance and instructions previously provided through the Services. As Military Medical Treatment Facilities (MTFs) transition to DHA management and responsibility, procedures in this DHA-IPM will supersede IT systems guidance and instructions previously provided through the Services; including IT systems in all MTFs, clinics, and enterprise services provided to Other Lines-of-Business (OLB), such as training and research, etc. In addition, it supports a coherent and comprehensive catalog of IT capability investments encompassing all IT used to support the MHS mission. • Require that all funding sources, type and Budget Activity Group (BAG), purchasing or supporting any IT must be identified for inclusion in the DHA portfolio of IT capability investments. • Provide superseding guidance and instruction, through this DHA-IPM until a DHA-Procedural Instruction is issued previously provided by the Services in References (w) through (ad), for the MTFs as they are transitioned to DHA management and responsibility. • This DHA-IPM is effective immediately and it will be converted into a DHA-Procedural Instruction. This DHA-IPM will expire effective 12 months from the date of issue.

  • Identification #: 18-017
  • Date: 11/6/2018
  • Type: DHA Interim Procedures Memorandum
  • Topics: Technology

Cyberfit family: Making cybersecurity understandable for all ages

Article
10/30/2018
By making cyber fitness a part of daily routines, families can protect their online information and personal well-being.

Protecting the homefront against cybersecurity issues

Recommended Content:

Technology

PEO DHMS celebrates National Health IT Week

Article
10/19/2018
The Program Executive Office Defense Healthcare Management Systems logo

Leaders and staff from the PEO DHMS shared their stories about why health IT is important

Recommended Content:

Technology | Military Health System Electronic Health Record | Electronic Health Record Modernization & Interoperability

DHA IPM 18-016: DHA IPM 18 016 Medical Coding of the DoD Health Records

Policy

This Defense Health Agency-Interim Procedures Memorandum (DHA-IPM), based on the authority of References (a) and (b), and in accordance with the guidance of References (c) through (s): • Establishes the Defense Health Agency’s (DHA) procedures for centralized oversight, standardized operations, and ensured quality and performance for the coding of DoD Health Records. • This DHA-IPM is effective immediately; it will be converted into a DHA-Procedural Instruction. This DHA-IPM will expire 12 months from the date of issue.

DHA IPM 18-015: Cybersecurity Program Management

Policy

This Defense Health Agency-Interim Procedures Memorandum (DHA-IPM), based on the authority of References (a) through (c), and in accordance with the requirements of References (d) through (y): • Establishes the Defense Health Agency’s (DHA) procedures to implement and maintain a DHA Cybersecurity Program for the Military Health System (MHS) to protect and defend DHA information and Information Technology (IT). • Is effective immediately; it will be converted into DHA-Procedural Instruction (DHA-PI), “Cybersecurity Program Management.” This DHA-IPM will expire effective 12 months from the date of issue.

  • Identification #: 18-015
  • Date: 10/17/2018
  • Type: DHA Interim Procedures Memorandum
  • Topics: Technology

October 2018 CVS Caremark Electronic Billing Process

Presentation
10/15/2018

Recommended Content:

Technology

October 2018 Post Test

Presentation
10/15/2018

Recommended Content:

Technology

Encryption Wizard Info

Presentation
10/15/2018

Encryption Wizard (EW) is simple, strong, Java-based file and folder encryption software for protection of sensitive information, such as FOUO, PII, CUI, and Privacy Act data. This Presentation provides complete details about EW.

Recommended Content:

Technology

October 2018 Webinar

Presentation
10/15/2018

October 2018 Webinar

Recommended Content:

Technology

October 2018 EDI RX Claims Overview

Presentation
10/15/2018

Recommended Content:

Technology

DHA IPM 18-013: Risk Management Framework (RMF)

Policy

This Defense Health Agency-Interim Procedures Memorandum (DHA-IPM), based on the authority of References (a) through (c), and in accordance with the guidance of References (d) through (ac): • Incorporates cybersecurity strategy, policy, awareness/training, assessment, continuous monitoring, authorization, implementation, and remediation. • Aligns with the Deputy Assistant Director, Information Operations (DAD IO) J-6/Chief Information Officer’s (CIO) key concept of increasing cybersecurity of Defense Health Agency’s (DHA) Information Technology (IT); therefore, robust risk assessment and management is required. • Encompasses lifecycle risk management to determine and manage the residual cybersecurity risk. • This DHA-IPM is effective immediately; it will be converted into a DHA-Procedural Instruction. This DHA-IPM will expire effective 12 months from the date of issue.

  • Identification #: 18-013
  • Date: 10/10/2018
  • Type: DHA Interim Procedures Memorandum
  • Topics: Technology
<< < 1 2 3 4 5  ... > >> 
Showing results 1 - 15 Page 1 of 8

DHA Address: 7700 Arlington Boulevard | Suite 5101 | Falls Church, VA | 22042-5101

Some documents are presented in Portable Document Format (PDF). A PDF reader is required for viewing.. Download a PDF Reader or learn more about PDFs.