Rough Waters in the Cyber Sea
Just back from Romania and Bulgaria, two countries that truly support U.S. and NATO efforts around the world. One thing we talked about was the cyber world and the implications for all of our nations.
We talked about the big national issues – the possibility of cyber attack, how to defend, what constitutes an attack, how all of this fits under the NATO treaty.
But what really hit home in my discussions was mentioning my own personal experiences in the rough waters of the cyber seas recently.
It’s no secret that I’m a strong advocate for communication and engagement in both traditional (person-to-person) and electronic forums (such as my Facebook page and this blog). But there is a price to be paid for such active engagement, as I recently found out.
It seems that my identity, and that of my daughter, have been used in a scam – not uncommon at that.
Basically, the scam architects contact victims by email – acting as me – to secure personal trainer or in this case “Pilates yoga” services on behalf of my daughter.
Anyone who responds to this bait is asked to cash a check in return for the services. At the last minute, the check is written for more than the purchase price because of alleged oversight or mistake, and the victim is asked to wire back the difference. The checks are counterfeit, but sometimes good enough to be initially accepted by a bank. When the check eventually bounces, the victim finds him or herself still liable for the amount wired back to the scammer.
You’ll recall that I recently wrote quite a bit on The Cyber Sea and the need for protocols and procedures to govern this space. What’s interesting in the case I’ve described above is that there doesn’t appear to be any single place to turn for help.
Because it is almost impossible to identify the perpetrators, this case falls outside the purview of military investigators. The Better Business Bureau and the International Chamber of Commerce can be informed, but the likelihood of resolution is slim.
The Federal Trade Commission can also be informed; they assert that spam and phishing messages will be “stored in a database law enforcement agencies use in their investigations.” In the end, the best thing to do is inform all of your cyber friends to be “on guard,” and that’s what I’m doing.
You might think that this experience has deterred me from maintaining such an active online presence, but that isn’t the case at all. I hate the idea of someone using my name to cheat good people, but withdrawing from these forums doesn’t solve the problem.
In the end, I’m comfortable with the risk I assume in being active and outspoken, as I strongly believe that the benefit of “getting the word out” and interacting in these media far outweighs the costs.
Cyber issues are both personal and national; yet in the end, they merge into a range of vulnerability. We need to develop the rules of the road in this cyber sea in order to protect us all.
Admiral James Stavridis
Commander, U.S. European Command and
Supreme Allied Commander Europe
Find more blog posts tagged with:
- identity theft
- social networking
- United States
- cyber
- Federal Trade Commission
- Bulgaria
- Chamber of Commerce
- NATO
- Better Business Bureau
- Romania
Comments: 2
In the US you can also report phishing emails like these to US-CERT when they come over your home computers or mobile phones. The website is http://www.us-cert.gov/ where there is a Reporting Box with links on the left hand side for reporting phishing, incidents or vulnerabilities.
Dear Mr. Admiral James Stavridis, this comment is interesting because it gives a positive idea of the future of cyberspace. We will find rules to solve this problems. We have to develop rules together, because the internet is "globalthing" and so it is neccessary that we try to find a global resolution. thx zeroskillor