Cyber warriors test phishing response

  • By Jennifer Thibault
  • 50th Space Wing Public Affairs
As part of the Air Force's mission to ward off attacks in cyberspace, members of the 50th Space Communications Squadron went phishing on base last month.

"Phishing is when someone sends messages to a large group of people in an effort to deceive people into revealing their personal information, such as social security numbers, credit card numbers or bank information," said 2nd Lt. James Vanderwende, the 50th Space Wing Information Assurance officer in charge.

In most situations, phishing attempts are made online via e-mail, but phishing attacks using the telephone have also been successful, he added.

In the Schriever AFB exercise, a phisher sent hundreds of randomly selected base members an e-mail asking them to provide their common access card pin numbers as part of a new security requirement. Unfortunately, many fell for the bait.

In most cases phishing attempts are successful because the "bait" is so believable.

"Generally, phishers are successful because they have a good story," Lieutenant Vanderwende said. "They typically use current events and people's ignorance to attain their goal."

For this exercise, on-base phishers generated fake e-mail accounts to lure members into providing personal information.

"Phishers will ask for any kind of personal information, SSN or date of birth. And they will use any type of story to try and trick you into submitting personal information," said Staff Sgt. Trenton Morgan, the lead phisher for the exercise.

This is not the first time 50th SCS has gone phishing here.

"I sent out two other phishing emails before, where I asked for SSN and date of birth as a fake tax prep company on base," Sergeant Morgan said. "In that exercise, we asked for the information in exchange for free lift tickets and 50-percent-off discounts."

This exercise demonstrated the same tactics that adversarial phishers use.

"You should always be aware of who you're responding to," cautioned Sergeant Morgan. "Do your research and know exactly who you're sending your information to, and never send out your (common access card) pin; you should always safeguard it."

The majority of those who received the phishing e-mail applied their net defender skills. They did not provide the requested information and called the help desk.

"If members think they have received a phishing e-mail, they need to call the help desk," the lieutenant said. "Don't delete the message, just call the help desk. The same is true if they receive a phishing phone call, call the help desk and provide the number that called them if possible."

During each of the recent phishing exercises some base members did divulge their personal information. Luckily for them, the information went to a well-intentioned Airman who will now help them better respond if they are ever targeted by actual phishers.

"We are working with the unit information assurance appointees to have those who provided their information complete a phishing (computer based training) and reset their CAC pin since it has been compromised," Sergeant Morgan said.

Increased cyber vigilance is the key to thwarting future phishing excursions.

"When we know there is a phishing attempt, we send out a base-wide message warning people about it," Lieutenant Vanderwende said. "The problem is, by the time we find out, many people have already given up their personal information. That's why people need to confirm the legitimacy of the message before giving any pertinent information."

To learn more about phishing, review the phishing computer-based training at http://iase.disa.mil/eta/phishing/Phishing/launchPage.htm.