Back to Top Skip to main content

Cyber fitness, awareness key during ‘season of shopping’

Making cyber security a priority while shopping or browsing online can help you protect yourself from more than you bargained for during this ‘season of shopping.’ Making cyber security a priority while shopping or browsing online can help you protect yourself from more than you bargained for during this ‘season of shopping.’

Recommended Content:

Technology | Secure Messaging

With the holidays upon us and the season of sales and shopping nearing its height, the risk has increased for online scams and fraudulent activity targeting consumers. You can make a big difference in protecting your personal and financial information by making cybersecurity a priority.

“Everyone should be aware of scams or frauds targeting email users and shoppers,” said Servio Medina, a Branch Chief in the Cyber Security Division at the Defense Health Agency. These attempts to access your information can look like offers for Black Friday, Cyber Monday, or holiday discounts, he advised, and often seem too good to be true.

Medina warned that criminal hackers can easily spoof an email address to make it look like an offering from a trusted retailer or institution, such as a bank. “Now everything is click, click, click – but we should stop and think about what we’re clicking on before we engage, and what better time than shopping season?” he said.

Justin Hodges, chief of DHA Cyber Operations Center and director of Cybersecurity Service Provider for Space & Naval Warfare Systems, said cybercriminals may also create websites to look like they represent a charity in order to collect financial information. While some fraudulent websites can be easily identifiable, such as through a .net domain or unfamiliar email address, some more advanced websites may not be as easy to spot, he warned.

“You need to be really careful that the websites you’re going to are in fact legitimate websites,” said Hodges, who recommends browsing through a domain with “https,” which often shows a lock symbol. The “s” in the domain indicates that a website encrypts information to transit it over the internet. He also encourages consumers to research the website or company name in a search engine to see if any reviews come up.

“Scams will very often have little to no reviews on the internet, which should be a red flag,” said Hodges. By visiting a fraudulent website, shoppers run the risk of accidentally giving hackers access to their financial or other personal information, and access to computers and home files, he said.

“You don’t need to click on anything or download anything for hackers to exploit the way your browser is configured and download malicious software that gives them access to your home PC,” said Hodges. “Once financial or personal information is taken, it can be stored in data bases on the dark web and sold, making you more susceptible to security breaches in the future.”

Medina said shoppers can take some actions to help avoid a phishing attack, such as opening emails in plain text rather than html, or hovering the cursor over a hyperlink without clicking on it to check if the URL leads to a legitimate source. Additional protective steps include updating security software, using a password-protected network, and avoiding unverified public Wi-Fi when making transactions online, he said.

“A lot of people think home networks are safe compared to browsing the web while using a mobile hot spot or free Wi-Fi, but if you don’t take steps to protect your network at home, you may not be any safer at home,” said Hodges.

The Department of Homeland Security’s cyber awareness campaign, STOP.THINK.CONNECT., provides additional online safety tips, such as watching out for deals that look too good to be true, shopping through trusted retailers, and using a credit card instead of a debit card.

The National Credit Union Administration Fraud Prevention Center educates consumers on how to recognize common scams, including package delivery and gift card scams, phishing emails, charity scams, and fraudulent ads. It also offers information on the “evil twin” Wi-Fi scam, which involves a scammer putting out a Wi-Fi signal that looks just like a complimentary one available at coffee shops, airports, and hotels.

“Cyber health is important to the safety and well-being of our warfighters and their families,” said Hodges. “The more people know about cyber health, the better they can protect themselves.”

You also may be interested in...

Guidance on the Establishment of a Human Cell, Tissue, and Cellular and Tissue Based Products Program


This memorandum requests the Services resource a Human Cell, Tissue, and Cellular and Tissue Based Products (HCT/Ps) Program that complies with regulatory standards for management and oversight of HCT/Ps, according to the best fit for their Service.

Standard Enterprise Architecture Requirements for Acquiring Information Management/Information Technology Products and Services


The Military Health System (MHS) Information Management/Information Technology (IM/IT) Strategic Plan established enterprise-wide interoperability and common architecture goals for MHS 1M/IT products and services that promote agility and interoperability within MHS and externally with Federal and industry partners.

  • Identification #: 00-memo-2012-06-19
  • Date: 6/19/2012
  • Type: Memorandums
  • Topics: Technology

MHS Cloud First Adoption Directive and Policy Guidance Signed Memo and Attachment


The National Defense Authorization Act for Fiscal Year (FY) 2012 mandates that the Department of Defense (DoD) and its agencies develop a strategy to migrate to using Cloud computing services. Against this backdrop, DoD released an IT Enterprise Strategy and Roadmap plan in September 2011 developed by the DoD CIO, Teri Takai. This memorandum is consistent with Federal and DoD strategies, directives, and plans as they relate to implementation of a Military Health System (MHS) Cloud First policy aligning with the MHS mission

  • Identification #: 00-memo-2012-05-22
  • Date: 5/22/2012
  • Type: Memorandums
  • Topics: Technology

Army Health Promotion and Risk Reduction Campaign


Army Health Promotion and Risk Reduction Campaign presented to the Defense Health Board Oct. 1, 2009

Recommended Content:

Technology | Suicide Prevention
<< < ... 6 7 8 > >> 
Showing results 106 - 109 Page 8 of 8

DHA Address: 7700 Arlington Boulevard | Suite 5101 | Falls Church, VA | 22042-5101

Some documents are presented in Portable Document Format (PDF). A PDF reader is required for viewing. Download a PDF Reader or learn more about PDFs.