Our online activity has real-world consequences for mission success and the safety of our forces. Malicious actors and criminals routinely exploit social media and messaging platforms to manipulate individuals and gather sensitive information.
Their goals? Access your personal details, professional affiliations, credentials, and even classified information. These actors often create fake personas, establish trust over time, launch spear-phishing or device exploitation attempts, and conduct influence and social engineering operations. With emerging tools like artificial intelligence, malicious activity is becoming harder to spot but there are ways to protect yourself:
• Assume You Are a Target: Operate under the assumption that your public-facing activity is being monitored by adversaries. mission. Individual vigilance is a critical line of defense.
• Practice OPSEC: Avoid discussing sensitive topics in public spaces and never post real-time locations or routine patterns. Secure Your Accounts The most significant threats facing service members, their families, and civil servants are the hacking of social media accounts and phishing attempts. Take the following proactive steps now, as directed by standing cybersecurity policy. Action Enable Multi Factor Authentication (MFA) Description Activate MFA on all personal and professional accounts, including social media, email, and financial services. Use an authenticator app for greater security.
• Limit details shared on social media: Limit visible personal details, travel plans, and workplace information. Limit who can view your personal info on social media.
• Beware of Phishing: Be extra vigilant for phishing emails and messages. These may be crafted to look like o cial communications or news updates. Avoid moving conversations to private apps or unfamiliar platforms.
• Be Skeptical: Treat urgent, pressuring, or unusual messages with suspicion. Be cautious of flattery, urgency, or vague offers.
Strengthen Your Passwords Review Privacy Settings
Change passwords on key accounts, especially social media. Use a long, complex, and unique passphrase for each service. Avoid reusing passwords.
Why It Matters
MFA provides a critical barrier against unauthorized access, even if an adversary has your password. This is a key component of good "cyber hygiene." Adversaries often use previously breached password lists to gain access. A unique, complex passphrase for each account mitigates this risk. Set all personal social media accounts to the most private setting. Limit who can see your posts, friends list, and personal information like your location and employer.
• Avoid Suspicious Links: Never click on unknown links or open unexpected attachments. Think Before You Click!
• Verify Requests: Con rm sender identity through a trusted channel before acting on requests involving credentials or sensitive information. Reverse-search images and verify new contacts before engaging. Be wary of unsolicited friend/connection requests or direct messages, as these are common tactics for intelligence gathering and spear-phishing.
Reporting this reduces your "digital signature," making it harder for adversaries to pro le you, your family, or your unit for targeting and intelligence gathering. If you notice anything suspicious, DO NOT RESPOND, CLICK, OR FORWARD IT. Report it immediately by notifying Naval Criminal Investigative Services (NCIS) at FEEVR@ncis.navy.mil or follow the reporting guidance provided by your command.
Stay vigilant. Protect yourself, your network, and the Cyber and operational security is everyone’s responsibility. Every one of us must reinforce our personal and professional cyber defenses to ensure the security of our information and the integrity of our mission.