Faced with the newly emerged form of impersonation fraud, the Department of Information Security (Ministry of Information and Communications) recommends that people be careful when receiving strange emails and attachments, especially compressed file.
The National Cyber Security Monitoring Center – NCSC under the Department of Information Security (Ministry of Information and Communications) has just warned about a new online fraud method of impersonation fraud. The victim of the fraud case is reported to be Ms. M (character’s name has been changed) who is working in a marketing position at a company supporting business administrative procedures. Ms. M was assigned to be in charge of quickly checking CVs – resumes of candidates applying for job positions.
Fraudsters impersonate candidates to send compressed CV files to trick users into installing malicious code to appropriate information and assets. Photo: NCSC
On April 25, Ms. M received a CV from a candidate submitted via the Zalo application. Because the end of April 2024 is also the last round of intern interviews for the company, Ms. M did not hesitate to check so that candidates could come to the interview in time. While other candidates submitted their CVs with photo files or pdf files, a subject calling himself Nguyen Ngoc Trinh sent Ms. M a compressed file named CV with a zip extension.
After downloading the compressed CV file to the computer and unsuccessfully decompressing the file, the victim did not suspect anything and asked the subject impersonating the candidate to resend the CV file. However, about 1 hour later, Ms. M’s bank account announced that 800,000 VND had been deducted from the Facebook social network transaction. This bank account of Ms. M has 35 million VND, used to link with Facebook when needing to run ads.
Immediately after that, Ms. M’s account continued to be deducted 5 times in a row with an amount of nearly 8 million VND. At this time, the victim went to the bank account to check and transfer the remaining money to a friend’s account.
Not only the bank account, all other accounts such as email, social network Facebook, Zalo… of this victim were taken over by the scammer. The fraudster also continues to try to log into the victim’s other emails for the purpose of appropriating data. In addition, the victim also discovered that his computer was infected with a virus, took over and was controlled remotely by others.
From the above situation, discuss with reporters VietNamNet, an information security expert, analyzed: From a technical perspective, there are two possibilities that could lead to users clicking on the compressed CV file, leading to device hijacking and money being stolen. It is a scam that exploits vulnerabilities in the decompressor, so when decompressing, the malicious code will exploit the vulnerability, thereby stealing cookies on the computer; And the second possibility is that after decompression, the file installs malicious code, so when running the file, the malicious code is distributed.
Information with VietNamNet At the time of publishing the content ‘Weekly News’ from April 29 to May 5 about the situation of online fraud in Vietnam’s cyberspace, the Information Security Department (Ministry of Information and Communications) identified fraud. Impersonation in Vietnamese cyberspace is increasingly widespread. At the same time, this agency also warns people about some impersonation scams that are commonly used by subjects such as: Impersonating an employee of the Capital lottery company to trick them into providing lottery numbers. , numbers intended to appropriate money; Impersonating a police officer, using a dating app to defraud many women of their property; Tricks to use AI to impersonate and scam via Skype application…
To avoid becoming a victim of impersonation scammers like the case above, experts from the Information Security Department advise users to be careful when receiving strange emails and attachments, especially are compressed files.
People also need to confirm with the sender through another channel, such as calling, to make sure the file was sent by their friend before opening it; Do not provide personal or bank account information when requested to declare information from emails; You should use anti-virus software to scan email attachments; At the same time, you need to pay attention to safety issues if using email when connecting to public wireless networks.
Experts from the Information Security Department also noted that users should not use one email for many Internet services, especially important services; Regularly change strong email passwords, do not leave default passwords; Set up 2-layer security for email to authenticate by phone, helping to recover emails when attacked.
