VA Issues Online Safety Warning for Military Families
The Department of Veterans Affairs issues warnings and guidance about protecting private data online for military members, veterans, and families. Sometimes, these warnings coincide with a rise in hacker activity targeting military communities, so when they surface on the VA official site, it pays to take stock of your current passwords, how old they are, and several other related security issues.
VA.gov reminds users that taking simple, effective measures can lead to a more secure online experience. Making online safety and cybersecurity a priority in your daily life could make the difference between being hacked or being left alone. Why?
>>Never miss a benefits update! Sign up for our Benefits Newsletter today!
Cybercriminals Target Military Personnel and Veterans
People with military ties can be targets for several reasons. One motivation is the opportunity to view sensitive information you once handled or are currently responsible for safeguarding.
Another? Financial exploitation. Scammers know veterans and service members often have reliable incomes and government benefits. They may use phishing, loan scams, or fake investment schemes. An FBI report, the IBM X-Force 2025 Threat Intelligence Index, notes:
“Our analysts have documented that threat actors use AI to build websites and incorporate deepfakes in phishing attacks. We have also observed threat actors applying Gen AI to create phishing emails and write malicious code.”
Identity theft is another significant concern. Personal information, such as your Social Security number, service details, and financial data, can be stolen. The same FBI report notes:
“ For the second year in a row attackers adopted more stealthy and persistent attack methods, with nearly one in three attacks that X-Force observed using valid accounts. A surge in phishing emails distributing infostealer malware and credential phishing fuels this trend, which may be attributed to attackers leveraging AI to scale attacks.”
Criminals use phished information to open accounts, file false tax returns, or commit other fraud. One major problem is that trust common in the military community can sometimes be exploited if official-looking communications are not carefully checked.
Fake Sites, Phishing, and Phony Job Offers to Lure Veterans
Scammers frequently create fake websites offering “military discounts” to steal login details or financial information. Family members can also be targets, either to access a service member’s data or to apply emotional pressure.
Phishing is a common problem in military communities. Hackers use deceptive emails, texts, or messages to trick you into giving up personal information or clicking harmful links.
A variant of this, known as spear phishing, is a targeted version where the attacker uses personal details to make the message seem more legitimate, perhaps appearing to come from a VA office or a colleague.
Malware, or malicious software, can be downloaded unintentionally by clicking unsafe links or opening infected emails or social media attachments. Ransomware locks your files, and attackers demand payment to unlock them.
Job seekers should be aware of the types of fake job offers used to prey on those transitioning from service or seeking veteran employment. These offers may include upfront fees or extensive personal details. Don’t pay a third party for the privilege of applying for a new job.
VA Advice for Strengthening Your Online Security
The Department of Veterans Affairs advises military members and families, “Keep your technology updated.” Computer operating systems, internet browsers, and mobile device applications receive regular updates from their developers, and your devices should be kept as current as possible.
Those updates typically include new security patches to correct system weaknesses that hackers try to use. Enable automatic updates to keep your software is current. Do not ignore update prompts from your system or applications; install them promptly. Use reputable antivirus and antimalware software on all your devices, including computers and smartphones. Keep this security software updated and run regular scans to find and remove any malicious programs.
Enable Multi-Factor Authentication (MFA) whenever possible. MFA is like having a second lock on your account. Even if a hacker obtains your password, you still need to provide a second piece of information to log in successfully.
Why Enable MFA?
MFA typically requires your password plus a second verification method. This second method could be a one-time code sent to your phone by text or generated by an authenticator app, a physical security key, or a biometric scan like a fingerprint or facial recognition. Prioritize MFA for important accounts such as email, banking, social media, and VA-related logins.
Review security settings of your online services, as many now offer MFA. Using an authenticator app is generally considered more secure than receiving codes by text, as texts can sometimes be intercepted.
Secure your devices and documents. Your computers, smartphones, tablets, and the information stored on them are valuable. Strong, unique passwords are essential. Avoid common words or easily guessed information. A strong password should be long, typically at least 12 to 15 characters, and include a mix of letters, numbers, and characters.
Use Multiple Passwords
Use a different password for each account; do not duplicate it among multiple accounts. Secure tables, phones, and other mobile devices and computers with strong passcodes, PINs, or biometric locks. Set them to lock automatically after a short period of inactivity. Also, remember to protect physical documents containing personal information.
Maximize your privacy settings on social media. While social media is for sharing, oversharing can create risks. Limit who on the platform is allowed to view your posts or updates. Select “Friends only” rather than “Public.”
Be careful with geotagging, which shares your location. It is often best to turn off location services for social media apps. Scrutinize friend requests and do not accept requests from people you do not know, even if they seem to have mutual connections.
Think carefully before you post. Avoid sharing sensitive details like your full birthdate, home address, specific past or present deployment information, or details about your daily routines. Review third-party app permissions connected to your social media accounts and remove access for apps you no longer use or trust.
>>Never miss a benefits update! Sign up for our Benefits Newsletter today!
About the author
Editor-in-Chief Joe Wallace is a 13-year veteran of the United States Air Force and a former reporter/editor for Air Force Television News and the Pentagon Channel. His freelance work includes contract work for Motorola, VALoans.com, and Credit Karma. He is co-founder of Dim Art House in Springfield, Illinois, and spends his non-writing time as an abstract painter, independent publisher, and occasional filmmaker.
