Security clearance holders are at heightened risk for scams at any time, but the current geopolitical environment means scammers and opportunists across the globe are looking to take down national security workers and their personal and professional information. ClearanceJobs recently sat down with long time contributor Peter Suciu, who has spent years covering consumer threats and cybersecurity topics for a variety of publications. He outlined some of the top risks facing security clearance holders today, including:

  1. Fake Job Offers/Phishing Scams
  2. Apps
  3. BYOD

1. Fake Job Offers/Phishing Scams

Scammers and foreign intelligence operations alike have learned that public social media sites like LinkedIn are a hot bed for using the guise of a professional connection to create a web that traps national security workers. Any time you’re solicited online for a job offer, you need to be security conscious. A little homework can go along way in vetting opportunities.

“If you’re looking to work at Lockheed Martin and the recruiter doesn’t have a Lockheed Martin email address, that should be a big red flag,” said Suciu. Hotmail is a red flag, and anything with a .ru or .ch url is a burning one. Email addresses should come from an address appropriate to the company. If not, make sure to vet the individual with a phone call, asking detailed questions about the company or position. A true recruiter will always be willing to pick up the flag and chat with you.

Another key red flag – any employer who says you need to pay up front, including any costs related to a background investigation or security clearance.

“Make sure you don’t have to pay for anything up front, including background investigations or screenings,” said Suciu.

Suciu also advices simple internet searches to see if other individuals have been contacted with the same offer – there is truly nothing new under the sun, even when it comes to phishing scams.

2. Apps

Apps are everywhere, and many individuals assume that if they can find something in an app store, it’s already been vetted. While the major providers are good at monitoring the security of apps, that’s not the case for the many, many third party apps out there. It’s also incredibly easy to spoof or create a fake app.

“I think people just become a lot more careless using their devices,” said Suciu.

Think twice before you download anything.

3. Bad BYOD

Particularly post COVID, bring-your-own-device often seems like the norm. But if you’re mixing business with pleasure when it comes to your devices, you’ll want to be even more careful and aware of any actions you take. Because once you click on that malicious link or download that malicious code, you’re no longer just putting yourself at risk, but your entire company.

“We hope that technology is going to make our life better, and make it more secure,” said Suciu. “The problem is that we don’t look at the downsides of any of this. We look at the benefits, and we’re not as cautious about the downsides.”

Related News

Lindy Kyzer is the director of content at ClearanceJobs.com. Have a conference, tip, or story idea to share? Email lindy.kyzer@clearancejobs.com. Interested in writing for ClearanceJobs.com? Learn more here.. @LindyKyzer