According to Bkav, a global cyberattack campaign called ClickFix is targeting Vietnam with the target of hotels, homestays, resorts and accommodation facilities. Bad guys impersonate famous booking platforms such as Booking.com, Expedia... sending emails with content like "Booking confirmation", "Customer complaint", "Payment update", "Cancel booking"... disguised as real emails and attaching links or Excel files of fake invoices/booking information containing viruses.
Because it is difficult to distinguish between real and fake emails, users are easily caught off guard, clicking on a link or opening an attachment will activate the malware. From there, hackers can take control of the device, steal customer data leading to personal information leaks or install additional spyware to penetrate deeper into the system.
According to research by Bkav experts, the ClickFix attack campaign uses PureRAT, a type of remote access malware (RAT - Remote Access Trojan) to monitor user activities, steal passwords, expand the scope of internal attacks, hide for a long time and are difficult to detect. More worryingly, ClickFix shows signs of operating under the "Attack-as-a-Service" model, meaning hackers can buy ready-made tools and attack without needing advanced technology.
Vietnam has tens of thousands of accommodation establishments available on popular booking platforms such as Booking.com, Agoda, Traveloka, Airbnb... which are vulnerable to being victims because receptionists and reservation staff are often not properly trained in cybersecurity and are easily fooled by fake booking emails with almost real-looking interfaces.
Before this cyber attack, residents and accommodation staff need to be highly vigilant, carefully check the email address sent, do not open attachments or strange links, and prioritize accessing booking platforms using official applications or websites.
Bkav also recommends that units and individuals should install email monitoring systems, anti-virus software, and comprehensive anti-malware solutions because the software available with the operating system is only designed to meet the basic protection needs of customers and is not capable of fighting ransomware and modern viruses that are designed to stay in the system for a long time and penetrate deeply.
Source: https://www.sggp.org.vn/clickfix-tan-cong-mang-vao-cac-khach-san-va-co-so-luu-tru-viet-nam-post823852.html
![[Photo] General Secretary To Lam and National Assembly Chairman Tran Thanh Man attend the 80th Anniversary of the Traditional Day of the Vietnamese Inspection Sector](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2025/11/17/1763356362984_a2-bnd-7940-3561-jpg.webp)
Comment (0)