According to Bkav, a global cyberattack campaign called ClickFix is targeting Vietnam with the target of hotels, homestays, resorts and accommodation facilities. Bad guys impersonate famous booking platforms such as Booking.com, Expedia... sending emails with content like "Booking confirmation", "Customer complaint", "Payment update", "Cancel booking"... disguised as real emails and attaching links or Excel files of fake invoices/booking information containing viruses.
Warning about emails containing viruses impersonating Booking.com
PHOTO: BKAV
Because it is difficult to distinguish between real and fake emails, users are easily caught off guard, clicking on a link or opening an attachment will activate the malware. From there, hackers can take control of the device, steal customer data leading to personal information leakage or install additional spyware to penetrate deeper into the system.
According to research by Bkav experts, the ClickFix attack campaign uses PureRAT, a type of remote access malware (RAT - Remote Access Trojan) to monitor user activities, steal passwords, expand the scope of internal attacks, hide for a long time and are difficult to detect. More worryingly, ClickFix shows signs of operating under the "Attack-as-a-Service" model, meaning hackers can buy ready-made tools and attack without needing advanced technology.
Vietnam has tens of thousands of accommodation establishments including hotels, homestays, resorts... that are present on famous booking platforms such as Booking.com, Agoda, Traveloka, Airbnb... This is also the group that is easily victimized because receptionists and booking departments are often not properly trained in cybersecurity, and are easily fooled by fake booking emails with almost real interfaces.
Bkav recommends that as the New Year and Lunar New Year holidays are approaching, the demand for travel bookings is increasing, so people and accommodation staff need to be highly vigilant. Specifically, carefully check the email address sent; do not open attachments or strange links; prioritize accessing booking platforms using official applications or homepages; install email monitoring systems, anti-virus software, and comprehensive anti-malware solutions because the software available with the operating system is only designed to meet the basic protection needs of customers and is not capable of fighting ransomware and modern viruses that are designed to stay in the system for a long time and penetrate deeply.
Source: https://thanhnien.vn/khach-san-homestay-tai-viet-nam-bi-tan-cong-qua-email-gia-mao-bookingcom-185251117110004398.htm
![[Photo] General Secretary To Lam and National Assembly Chairman Tran Thanh Man attend the 80th Anniversary of the Traditional Day of the Vietnamese Inspection Sector](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2025/11/17/1763356362984_a2-bnd-7940-3561-jpg.webp)
Comment (0)