American Legion partner Aura answers questions about fraud and scams.
American Legion partner Aura, which combines credit monitoring, identity fraud alerts and online privacy tools in one easy-to-use platform, answers questions about fraud and scams.
Through this partnership, Legion members and their families can access Aura’s protection at discounts of up to 75% on family plans and over 60% on individual and couple plans.
Q: What are the top three red flags a Legionnaire should look for that prove a caller or email is not from the Department of Veterans Affairs or an accredited VSO?
A: Fraudsters often pose as legitimate claims agents or VA officials to gain access to a veteran's records or charge illegal fees. The VA and accredited veteran service organizations (VSOs) will never demand payment upfront or rush you into a contract.
- Red Flag #1: Fees for filing/guarantees: Any person or company offering to charge you a percentage of your future benefits, a large fee to simply fill out VA forms, or guaranteeing a benefit amount is likely a scammer or an unaccredited agent. Accredited VSOs, like The American Legion, DAV, VFW, etc., are free.
- Red Flag #2: Pressure and urgency: The caller or email creates an extreme sense of urgency ("Your benefits will stop tomorrow" or "This is a one-time offer"). The VA operates on established processes; they do not use high-pressure sales tactics. Hang up and call the official VA line (1-800-827-1000) to confirm.
How Aura Can Help
Aura provides comprehensive scam protection across your phone, texts and email. Aura’s Scam Call & Text Protection uses AI to detect and block phishing attempts, scam texts and robocalls before they reach you. Similarly, Aura’s email protection allows you to connect your email and have Aura monitor and flag any suspicious email that’s been sent to your account.
Q: Beyond shredding, what is the safest way to digitize and store a personal copy of a DD-214 or other sensitive military documents so it's accessible but impenetrable?
A: Service records (like the DD-214) are a treasure trove for identity thieves because they contain unique identifiers. The safest way to handle a digital copy is to treat it like a bank vault key.
- Rule: Do not store it on an unsecured cloud drive (like a standard, unencrypted Google Drive or Dropbox folder) or a device without a password.
- Safest way to store: Use a password-protected, encrypted digital vault or secure folder. Many modern operating systems (Windows, Mac) allow you to create an encrypted disk image or folder. Alternatively, you can save the file to a clean USB drive and keep that drive locked in a safe or secure location that only you and your trusted family member know about.
How Aura Can Help
Aura offers a digital vault that’s like a digital lockbox. It allows you to store your most important digital files and passwords to keep secure, and easily share them with select family members so everyone can stay connected and safe. All your data is encrypted using the internationally-recognized standards for data security and privacy.
Q: What simple steps should every Legionnaire take right now to lock down their VA direct deposit information to prevent a hacker from redirecting their monthly benefit or pension payments to a fraudulent bank account?
A: Staying vigilant and implementing good cyber-safety measures can help protect your benefits from being accessed by fraudsters. Some best practices to keep in mind:
- Use multi-factor authentication (MFA) on VA.gov: This is non-negotiable. If you don't have MFA, a scammer only needs your password to change your bank info. With MFA, they need your password and your phone.
- Monitor your bank account frequently: Set up low-balance alerts or deposit alerts with your bank. If the VA deposit is late or missing, you will know immediately and can call the VA (1-800-827-1000) before a full payment cycle is missed.
- Review mail and email for changes: Be alert for any unexpected correspondence from the VA or your bank about a change of address or change to your direct deposit. This is the scammer confirming they successfully made the switch.
How Aura Can Help
Aura’s award-winning identity protection provides comprehensive monitoring of your data and identity to catch fraud fast. Aura identity protection not only notifies you if your SSN, login and passwords have been leaked on the Dark Web, it also includes Bank Fraud Monitoring which sends you a text or email when a fraudster tries to modify your bank account’s personal information or add new account holders to access your funds.
Q: If you could only implement one layer of defense on critical accounts (VA, bank, primary email), would it be a strong password or multi-factor authentication and why? Can you explain MFA simply?
A: The best protection is using both: a strong, unique password for every account and MFA. That’s our recommendation.
If you could only choose one layer of defense, multi-factor authentication provides stronger protection than a password alone because even if a password is stolen, guessed or leaked, MFA can still stop an attacker from getting in. MFA simply means using two proofs instead of one–something you know (your password) and something you have (like a one-time code sent to your phone or generated by an app). Think of it as a second lock on the door.
How Aura Can Help
Aura supports by offering a password manager, which helps create, store, and autofill strong, unique passwords so Legionnaires don’t have to remember them all, making strong security easier to use, not harder.
- Dispatch