Vietnam.vn - Platform for promoting Vietnam

Email scams aimed at gaining control of Facebook accounts.

Scams involving fake emails and websites are becoming increasingly sophisticated, preying on users' trust and carelessness. Be cautious with every click!

Báo Khoa học và Đời sống, 27/06/2025

In the digital age, social media accounts, especially Facebook, are not only tools for connecting with the community but also "digital assets" containing a wealth of personal information, transactions, and even income. Recognizing this, scammers are becoming increasingly sophisticated, using tactics like sending fake emails to trick users into voluntarily handing over their accounts.

The trap preys on panic.

According to the Long An Provincial Police, a new and highly sophisticated online scam campaign is targeting Facebook users, exploiting a legitimate Google service to bypass email security systems.

Specifically, cybercriminals used Google AppSheet, Google's no-code application platform, to send a large number of phishing emails. Because they were sent from Google's "@appsheet.com" address, these emails easily got past Microsoft's domain reputation and authentication mechanisms (such as SPF, DKIM and DMARC) as well as Secure Email Gateways (SEG), and appeared as legitimate mail in victims' inboxes.


Each email is also generated with a unique ID, which makes the messages difficult for traditional detection systems to catch. The content of these emails mimics notifications from Facebook, informing users that they have violated intellectual property rights and that their accounts will be deleted within 24 hours. To avoid account suspension, users are asked to click the "Submit an Appeal" button.

When clicked, the victim will be directed to a fake landing page designed to look exactly like the Facebook login page.

Notably, this fake website was hosted on Vercel, a reputable platform, further increasing the credibility of the entire scam.

Here, if the user enters their login information and two-factor authentication (2FA) code, all this data will be sent directly to the attacker.

The scam is even more sophisticated when the first login on the fake site often displays a "wrong password" message, prompting the victim to re-enter the password to confirm their information.

More dangerously, once provided, the 2FA code can be immediately used by criminals to steal the session token from Facebook, allowing them to maintain access to the account even after the victim has changed their password.
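As an added illustration (not code from the article or from any vendor), the sketch below shows why a passing SPF/DKIM/DMARC result is not a trust signal for mail of the kind described above: it flags messages that name Facebook while the sender domain and the link hosts belong to someone else. The keyword pattern, the brand domain list, the sample messages and the `vercel.app` hostname are constructed assumptions.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumed for illustration (not from the article): brand keywords and domains.
BRAND_RE = re.compile(r"\b(facebook|meta)\b", re.I)
BRAND_DOMAINS = ("facebook.com", "facebookmail.com", "meta.com")
URGENCY_RE = re.compile(r"24 hours|submit an appeal", re.I)
URL_RE = re.compile(r"https?://[^\s\"'<>]+")

def host_in(host, domains):
    # True if host equals, or is a subdomain of, one of the domains.
    return any(host == d or host.endswith("." + d) for d in domains)

def assess(raw):
    """Compare the brand a message claims with who sent it and where it links."""
    msg = message_from_string(raw, policy=policy.default)
    sender = parseaddr(str(msg.get("From", "")))[1].lower()
    sender_domain = sender.rpartition("@")[2]
    part = msg.get_body(preferencelist=("plain", "html"))
    body = part.get_content() if part else ""
    text = f"{msg.get('Subject', '')} {body}"
    hosts = [(urlparse(u).hostname or "").lower() for u in URL_RE.findall(body)]
    findings = []
    if BRAND_RE.search(text):
        if not host_in(sender_domain, BRAND_DOMAINS):
            findings.append("brand_sender_mismatch")
        if any(h and not host_in(h, BRAND_DOMAINS) for h in hosts):
            findings.append("brand_link_mismatch")
    if URGENCY_RE.search(text):
        findings.append("urgency_lure")
    # Authentication is recorded but deliberately never lowers the verdict.
    auth_pass = "dmarc=pass" in str(msg.get("Authentication-Results", "")).lower()
    suspicious = {"brand_sender_mismatch", "brand_link_mismatch"} <= set(findings)
    return {"suspicious": suspicious, "auth_pass": auth_pass, "findings": findings}

# Constructed sample messages (not real campaign mail).
LURE = """From: Facebook Support <noreply@appsheet.com>
Subject: Intellectual property violation
Authentication-Results: mx.example.test; spf=pass; dkim=pass; dmarc=pass

Your Facebook account will be deleted within 24 hours.
Submit an Appeal: https://appeal-case-0001.vercel.app/login
"""
BENIGN = """From: AppSheet <noreply@appsheet.com>
Subject: Your daily inventory report
Authentication-Results: mx.example.test; spf=pass; dkim=pass; dmarc=pass

The report is ready: https://www.appsheet.com/start/placeholder-app-id
"""
```

Calling `assess(LURE)` and `assess(BENIGN)` shows both messages passing authentication while only the first is flagged, because the verdict rests on the mismatch between the claimed brand and the actual sender and link hosts.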

Ms. Nguyen Thi Thu H. (Hanoi) received an email notification stating, "Your Facebook account has violated community standards and will be locked in 24 hours." Fearing the loss of her online business account, she immediately clicked on the link in the email to "file a complaint."

The website looked exactly like Facebook's interface. Without suspicion, she entered her username and password. Just a few minutes later, her account was compromised. The hacker changed all the security information and sent messages to dozens of her friends asking for loans, accompanied by very credible images and information. One close friend transferred 10 million VND before discovering the incident.

Being cautious is protecting yourself.

Given the current state of fraud, the Cybersecurity Department advises email users to be highly vigilant. Absolutely do not click on strange links, and do not provide personal information to websites of unknown origin.

According to the Cyber Security and High-Tech Crime Prevention Department of the Long An Provincial Police, users should be extremely vigilant about emails requesting urgent action or personal information, even if they appear to come from a trustworthy source. Always carefully check the sender's address and do not click on suspicious links.

Speaking with a reporter from Tri Thuc va Cuoc Song newspaper, lawyer Nguyen Ngoc Hung - Head of Ket Noi Law Office (Hanoi Bar Association) said that in the digital age, the hijacking of social media accounts, especially Facebook accounts, through methods such as fake emails is becoming increasingly common. In many cases, after hijacking an account, fraudsters impersonate the account owner to scam relatives and friends in order to steal their assets.

Lawyer Nguyen Ngoc Hung - Head of Ket Noi Law Office (Hanoi Bar Association).

According to current law, if an individual's account is compromised through a fraudulent email, the user is the victim, not an accomplice. Therefore, unless there is evidence of intent or serious fault on the part of the account holder, they will not be prosecuted criminally or civilly for fraud committed by the perpetrator. However, if the user is aware that their account has been compromised but fails to promptly warn others or report the incident, or acts negligently or irresponsibly, leading to damage to others, they may be considered for indirect civil liability – according to the principle of compensation for damages outside of contract as stipulated in the 2015 Civil Code.

Upon realizing their account has been compromised, users need to take several actions to prevent further harm to themselves and others, as well as to protect their legal standing. Users should report the account breach. This allows Facebook to temporarily lock the account to prevent the hacker from continuing to use it. Simultaneously, record videos or screenshots of any unusual activity, such as fake emails, strange login notifications, or phishing messages sent from their account. This evidence is crucial in case of disputes or when reporting criminal activity. Use another account or ask a friend or acquaintance to widely publicize the hacked account and advise everyone not to transfer money, provide OTP codes, or personal information if they receive suspicious messages. Contact and report the incident to the local police for investigation and legal action. After regaining access, users should change their password to a strong one, check and log out of all unfamiliar devices to ensure account security. In case the account is used for fraud or to distribute illegal content, it is necessary to cooperate with authorities to handle the violations and avoid causing harm to others.

Therefore, those whose Facebook accounts are stolen via phishing emails are victims and are essentially not legally responsible for the perpetrators' actions. However, proactively reporting, warning, and cooperating with authorities not only helps protect one's own rights but also contributes to preventing illegal activities and minimizing damage to the online community. In all cases, users should remain calm, refrain from responding to or transferring money to scammers, and always cooperate closely with authorities to handle the matter legally and effectively.

The Anti-Fraud Project has just updated its website to a new version, adding chatbots and AI tools to identify phishing websites on the Internet.

Users can access the website chongluadao.vn and enter the link they want to check. The system will compare the link with the Anti-Fraud database and third-party partners, then return a result indicating whether the website is safe, dangerous, or lacks clear data.

If you want to use AI, simply click "Further analysis using AI." The tool will then analyze the website based on various factors such as suspicious domain names, illegal content, risky links, unusual hosting usage, etc.

Based on this data, the AI will synthesize the factors and provide a risk assessment on a 10-point scale. Suspicious details about information and images on the website are also analyzed and displayed on the results page.


The Anti-Fraud Project, co-founded in 2020 by cybersecurity expert Ngo Minh Hieu, aims to support the verification of trustworthiness and provide warnings when accessing unsafe websites. Users can contribute data by reporting malicious links on chongluadao.vn.

Source: https://khoahocdoisong.vn/lua-dao-qua-email-nham-chiem-quyen-kiem-soat-facebook-post1550633.html

