By sophisticated tricks, hackers are starting with the tendency of fake emails of their superiors to cheat employees to commit financial fraud, because 90% of Vietnamese users will click on all links in the email if they received an email with the same address as your boss.
In the first 6 months of this year, the situation of network information security in Vietnam has been complicated. There are 968 interface change attacks (Deface), 635 malware plug-ins (Malware), and 1,556 phishing attacks.
According to statistics, although there are signs of decline compared to previous years, Vietnam is still in the top 10 of the countries targeted by the most denial of service (DDoS) attacks in Q1 and Q2. 2019. Not only that, Vietnam also ranked 7th in the number of botnet servers the most in the first quarter of 2019 and ranked 4th in the world in the release of spam (phishing emails) as well as has suffered many email attacks. , accounting for 5.09% of attacks worldwide.
Vietnam is among the top in the number of email attacks
Sophisticated tricks, businesses “careless”
At the Network Security Workshop held by Netpoleon on August 14th, Mr. Do Viet Thang - Deputy Director of the Center for IT & Network Security Monitoring (Government Cipher Committee) emphasized that Malware spread via email is the primary method hackers use to attack Vietnam’s information system. Specifically, according to the Cipher Board’s statistics on the last 29/7, the system of this unit has recorded more than 42,000 malicious attacks carried out through this route.
Explaining the cause of the current information insecurity in Vietnam, Mr. Thang commented that all came from human factors. Regarding phishing email attacks, mainly due to human perception and psychology, up to 90% of organizations and businesses will face this risk. Especially when phishing emails are pretended to be similar to the email addresses of superiors sent.
People are the main cause of information insecurity
In fact, it is easy for hackers to exploit the office email system by using open information sources or taking advantage of the addresses exploited from black websites, PDFs, etc. can create a bunch of fake emails that look like real emails.
For example:
Real email: @ netpoleons.com
Fake email: @ netpoloens.com
@ neploleons.com
@ netpoleom.com
Attack targets often target email accounts that trust victims and then commit fraudulent transfers. In particular, Vietnamese people often have the psychology of obeying orders from their superiors. Therefore, impersonating emails can cause employees to be caught off guard and easily fooled. “If you receive an email with the same address as your boss, up to 90% of users will ignore everything and click on the link in this letter. In fact, this is the source of malicious code, “Thang said.
With today’s sophisticated and malicious network attacks, it is easy to deceive users by designing realistic emails. E-mail users need to be extremely careful and raise awareness about information security in order to identify the tricks and stay away from them. For organizations, businesses need to take precautions, and always keep the email system “healthy” by using giải pháp bảo mật to prevent the intrusion of fake emails, because this is The most popular and effective infection tool for hackers.