Back to Top Skip to main content

Cyber fitness, awareness key during ‘season of shopping’

Making cyber security a priority while shopping or browsing online can help you protect yourself from more than you bargained for during this ‘season of shopping.’ Making cyber security a priority while shopping or browsing online can help you protect yourself from more than you bargained for during this ‘season of shopping.’

Recommended Content:

Technology | Secure Messaging

With the holidays upon us and the season of sales and shopping nearing its height, the risk has increased for online scams and fraudulent activity targeting consumers. You can make a big difference in protecting your personal and financial information by making cybersecurity a priority.

“Everyone should be aware of scams or frauds targeting email users and shoppers,” said Servio Medina, a Branch Chief in the Cyber Security Division at the Defense Health Agency. These attempts to access your information can look like offers for Black Friday, Cyber Monday, or holiday discounts, he advised, and often seem too good to be true.

Medina warned that criminal hackers can easily spoof an email address to make it look like an offering from a trusted retailer or institution, such as a bank. “Now everything is click, click, click – but we should stop and think about what we’re clicking on before we engage, and what better time than shopping season?” he said.

Justin Hodges, chief of DHA Cyber Operations Center and director of Cybersecurity Service Provider for Space & Naval Warfare Systems, said cybercriminals may also create websites to look like they represent a charity in order to collect financial information. While some fraudulent websites can be easily identifiable, such as through a .net domain or unfamiliar email address, some more advanced websites may not be as easy to spot, he warned.

“You need to be really careful that the websites you’re going to are in fact legitimate websites,” said Hodges, who recommends browsing through a domain with “https,” which often shows a lock symbol. The “s” in the domain indicates that a website encrypts information to transit it over the internet. He also encourages consumers to research the website or company name in a search engine to see if any reviews come up.

“Scams will very often have little to no reviews on the internet, which should be a red flag,” said Hodges. By visiting a fraudulent website, shoppers run the risk of accidentally giving hackers access to their financial or other personal information, and access to computers and home files, he said.

“You don’t need to click on anything or download anything for hackers to exploit the way your browser is configured and download malicious software that gives them access to your home PC,” said Hodges. “Once financial or personal information is taken, it can be stored in data bases on the dark web and sold, making you more susceptible to security breaches in the future.”

Medina said shoppers can take some actions to help avoid a phishing attack, such as opening emails in plain text rather than html, or hovering the cursor over a hyperlink without clicking on it to check if the URL leads to a legitimate source. Additional protective steps include updating security software, using a password-protected network, and avoiding unverified public Wi-Fi when making transactions online, he said.

“A lot of people think home networks are safe compared to browsing the web while using a mobile hot spot or free Wi-Fi, but if you don’t take steps to protect your network at home, you may not be any safer at home,” said Hodges.

The Department of Homeland Security’s cyber awareness campaign, STOP.THINK.CONNECT., provides additional online safety tips, such as watching out for deals that look too good to be true, shopping through trusted retailers, and using a credit card instead of a debit card.

The National Credit Union Administration Fraud Prevention Center educates consumers on how to recognize common scams, including package delivery and gift card scams, phishing emails, charity scams, and fraudulent ads. It also offers information on the “evil twin” Wi-Fi scam, which involves a scammer putting out a Wi-Fi signal that looks just like a complimentary one available at coffee shops, airports, and hotels.

“Cyber health is important to the safety and well-being of our warfighters and their families,” said Hodges. “The more people know about cyber health, the better they can protect themselves.”

You also may be interested in...

DHA IPM 18-015: Cybersecurity Program Management

Policy

This Defense Health Agency-Interim Procedures Memorandum (DHA-IPM), based on the authority of References (a) through (c), and in accordance with the requirements of References (d) through (y): • Establishes the Defense Health Agency’s (DHA) procedures to implement and maintain a DHA Cybersecurity Program for the Military Health System (MHS) to protect and defend DHA information and Information Technology (IT). • Is effective immediately; it will be converted into DHA-Procedural Instruction (DHA-PI), “Cybersecurity Program Management.” This DHA-IPM will expire effective 12 months from the date of issue.

  • Identification #: 18-015
  • Date: 9/23/2019
  • Type: DHA Interim Procedures Memorandum
  • Topics: Technology

DHA IPM 18-011: Video Network Center (VNC) Endpoint Standards

Policy

This Defense Health Agency-Interim Procedures Memorandum (DHA-IPM), based on the authority of References (a) through (c), and in accordance with the guidance of References (d) through (g): - Provides guidance for video network endpoint standards required for sites to connect to the Defense Health Agency (DHA) VNC network. These standards will help ensure security compliance, efficiency, and best practices are maintained across the DHA network. Meeting certification requirements brings many benefits, including: increased assurances of a successful video teleconference (VTC) experience, full access to bridge and point-to-point calls, and access to peer video networks, including the Department of Veterans Affairs, academia, and industry partners. Compliance with stated standards does not preclude users connecting to other DoD approved networks. - This DHA-IPM is effective immediately; it will be converted into a DHA-Procedural Instruction. This DHA-IPM will expire effective 12 months from the date of issue.

  • Identification #: 18-011
  • Date: 9/20/2019
  • Type: DHA Interim Procedures Memorandum
  • Topics: Technology

DHA IPM 18-013: Risk Management Framework (RMF)

Policy

This Defense Health Agency-Interim Procedures Memorandum (DHA-IPM), based on the authority of References (a) through (c), and in accordance with the guidance of References (d) through (ac): • Incorporates cybersecurity strategy, policy, awareness/training, assessment, continuous monitoring, authorization, implementation, and remediation. • Aligns with the Deputy Assistant Director, Information Operations (DAD IO) J-6/Chief Information Officer’s (CIO) key concept of increasing cybersecurity of Defense Health Agency’s (DHA) Information Technology (IT); therefore, robust risk assessment and management is required. • Encompasses lifecycle risk management to determine and manage the residual cybersecurity risk. • This DHA-IPM is effective immediately; it will be converted into a DHA-Procedural Instruction. This DHA-IPM will expire effective 12 months from the date of issue.

  • Identification #: 18-013
  • Date: 9/20/2019
  • Type: DHA Interim Procedures Memorandum
  • Topics: Technology

Special Needs Program Management Information System (SNPMIS)

Fact Sheet
8/15/2019

SNPMIS documents and reports on services provided to TRICARE patients with special needs.

Recommended Content:

Technology | Solution Delivery Division

DHA IPM 18-007: Service Delivery Management Program

Policy

This Defense Health Agency-Interim Procedures Memorandum (DHA-IPM), based on the authority of References (a) and (b), and in accordance with the guidance of References (c) through (e): - Establishes the Defense Health Agency’s (DHA) procedures for implementing and managing high quality information technology (IT) services by the Chief Information Officer (CIO), Deputy Assistant Director Information Operations (DAD IO/J-6), Military Health System (MHS). The DHA Service Delivery Management program provides customers requesting IT services from the DAD IO/J-6 or Defense Information Systems Agency service catalogs with an on-demand, automated system that provides a single-entry point to submit service requests. The automated system enables DAD IO/J-6 to align business needs and use repeatable and scalable processes to holistically track, manage, and report on customer submitted requests for IT services from submission to fulfillment. - Is binding on DoD Components and supports the Director’s, DHA, responsibility to develop appropriate management models to maximize efficiencies in the activities carried out by the DHA. - This DHA-IPM is effective immediately; it will be converted into a DHA-Procedural Instruction (DHA-PI). This DHA-IPM will expire effective 12 months from the date of issue.

  • Identification #: 18-007
  • Date: 8/7/2019
  • Type: DHA Interim Procedures Memorandum
  • Topics: Technology

DHA PI 3201.05: Technology Transfer (T2) Program

Policy

This Defense Health Agency-Procedural Instruction (DHA-PI) based on the authority of References (a) and (b), and in accordance with the guidance of References (c) through (t), establishes responsibilities, procedures, and guidance for the Defense Health Agency’s (DHA) T2 program.

  • Identification #: 3201.05
  • Date: 6/20/2019
  • Type: DHA Procedural Instruction
  • Topics: Technology

Nutrition Management Information System (NMIS)

Fact Sheet
6/19/2019

NMIS is a fully integrated nutrition management system supporting military readiness and the war fighter worldwide.

Recommended Content:

Technology | Solution Delivery Division

Defense Occupational and Environmental Health Readiness System – Hearing Conservation (DOEHRS-HC)

Fact Sheet
6/17/2019

The Defense Occupational and Environmental Health Readiness System – Hearing Conservation (DOEHRS-HC) is an information system designed to support personal auditory readiness and help prevent hearing loss through early detection.

Recommended Content:

Technology | Hearing Loss | Solution Delivery Division

Military Health System (MHS) Population Health Portal (PHP)

Fact Sheet
6/11/2019

Military Health System (MHS) Population Health Portal (PHP) Fact Sheet

Recommended Content:

Technology | Solution Delivery Division

Expense Assignment System (EAS IV)

Fact Sheet
6/11/2019

EAS IV is a Web-based tool essential to the Department of Defense because it assists the Defense Health Agency in identifying the total cost of providing health care to TRICARE patients.

Recommended Content:

Technology | Solution Delivery Division

Coding and Compliance Editor (CCE)

Fact Sheet
6/11/2019

CCE supports the Department of Defense efforts to improve coding accuracy and reimbursements for inpatient and outpatient services.

Recommended Content:

Technology | Solution Delivery Division

Patient Encounter Processing and Reporting (PEPR)

Fact Sheet
6/11/2019

PEPR allows analysis of purchased care claims data created by the TRICARE Managed Care Support Contractors.

Recommended Content:

Technology | Solution Delivery Division

BATDOK improves, tailors to deployed medics

Article
6/7/2019
Air Force Chief Master Sgt. Robert Bean, a pararescueman, demonstrates how BATDOK can be worn on the wrist, providing awareness of the health status of multiple patients. (U.S. Air Force photo)

BATDOK is under user evaluations by Air Force Pararescuemen and Army Rangers

Recommended Content:

Technology

Surgeons perform first bioengineered blood vessel transplant in military patient

Article
5/28/2019
Development of the Human Acellular Vessel, or HAV, starts by taking living cells from a human blood vessel and placing them onto a tube-shaped frame. These vascular cells are kept alive in an organ chamber, growing around the tube-shaped lattice. Over time, the lattice that was used to seed the original vascular cells dissolves, and scientists remove the original cells so the new vessel doesn’t cause an immune response when it’s implanted. What is left is a solid, tubular structure made of human vascular material that looks and acts like a blood vessel -- thus, the bio-engineered and newly-grown blood vessel, or HAV. (USU medical illustration by Sofia Echelmeyer)

Injury to major blood vessels of the body is the most common cause of death and disability in combat

Recommended Content:

Research and Innovation | Technology

Dummies for doctors

Article
5/14/2019
Air Force Col. Christine Kress (center) observes use of a medical canine mannequin designed to create training environments that prepare medical professionals for events they may face in the field. (MHS photo)

How technology is preparing the next generation of docs for the battlefield

Recommended Content:

Technology | Combat Support
<< < 1 2 3 4 5  ... > >> 
Showing results 1 - 15 Page 1 of 8

DHA Address: 7700 Arlington Boulevard | Suite 5101 | Falls Church, VA | 22042-5101

Some documents are presented in Portable Document Format (PDF). A PDF reader is required for viewing: Download a PDF Reader or learn more about PDFs.