Why are old scams still effective? - Last article: Be alert to tricks

Identify three groups of fraud signs

In a context where online scams are constantly evolving, timely identification of unusual signs is considered the first line of defense for users. Many cybersecurity experts believe that, despite changes in technology, most scams revolve around three signs that can be observed with the naked eye, without requiring complex technical knowledge.

According to the National Cyber ​​Security Association (NCA), the first group of signs is often impersonation. The subjects deliberately create a familiar shell by using a display name that closely resembles the real organization, copying the logo or exploiting the accounts of acquaintances who have been taken over. Even a misspelled domain name, a misspelling or an unusual style of expression can be a warning sign.

The second sign is creating a sense of urgency. Messages like “account about to be locked,” “overdue bill,” or “summons issued” are designed to make the recipient lose their cool and react immediately. Cybersecurity experts say this is a highly manipulative psychology: the more fearful a user is, the more likely they are to click on a strange link or provide information without verifying it.

The third sign is the lure of convenience or quick benefits. QR code payment links, quick login pages, or invitations to install free apps are often used to steal data. Even PDF or Word files, which are familiar in the office environment, can contain malware if they come from an unknown source.

It can be seen that recently on December 4, Bkav issued a warning about a new attack campaign called “Hanoi Thief” targeting Vietnamese businesses with emails disguised as job applications. The file “Le Xuan Son CV.zip” actually contains the malware LOTUSHARVEST, which is capable of collecting passwords, login cookies and browser access history and sending it to the hacker’s server.

According to Mr. Nguyen Dinh Thuy, a malware analyst at Bkav, this trick is “meticulously prepared, targeting the recruitment department, which regularly receives applications from outside but is not fully equipped with cybersecurity awareness”. LOTUSHARVEST can hide deep in the system, automatically re-run when the computer is started, thereby maintaining long-term control. Just one click on the attachment is enough to open the door for hackers to penetrate the internal system, steal data and deploy many subsequent stages of attack.

Digital self-defense is not just the user's responsibility

While identifying the signs helps users “avoid traps”, coping skills and digital self-defense habits determine the extent of damage. According to specialized police forces, most victims are deceived because they act too quickly, do not verify information and lack self-protection principles in the online environment.

In the recommendations recently issued by NCA, Mr. Vu Ngoc Son, Head of the NCA's Research, Consulting, Technology Development and International Cooperation Department, emphasized the principle of "3 no - 3 fast": do not trust absolutely, even when there is a video call; do not install applications from strange links; do not transfer money without verification; quickly look up; quickly disconnect when suspected of manipulation; quickly report to authorities when there are signs of fraud.

Mr. Son also said that combining three layers of defense including legal, technology and user skills is very necessary. Because unusual transaction warning systems, multi-layer authentication and link checking tools help reduce risks but cannot replace users' caution.

In the business environment, international experts have made many recommendations to limit the risks from malicious content and files. Dr. Jeff Nijsse, senior lecturer in Software Engineering at RMIT, said that organizations need to build a “Zero Trust” culture, which means not trusting any link or file by default. Cross-verification processes, asking the sender through another channel before opening the file and setting up a quick support channel for the IT department are considered important measures to prevent malware attacks, especially through familiar PDF and Word files.

In the field of education , RMIT experts recommend that schools should strengthen digital mental health education, helping students understand the harmful effects of toxic content and the phenomenon of “secondary trauma”. Instead of absolute prohibition, it is important to help children develop the skills to analyze information, identify risks and know how to seek help when needed. This view is also supported by many international organizations such as UNICEF.

Digital self-defense does not depend only on individuals. According to Mr. Vu Duy Hien, Deputy Secretary General and Chief of Office of NCA, information security is the responsibility of the entire ecosystem. Therefore, social networks must handle fake accounts faster, e-commerce platforms need to clearly warn about off-platform transactions, banks continue to upgrade authentication mechanisms, and authorities step up the handling of spam messages and fraudulent websites.

Therefore, only when users are vigilant, businesses raise their safety standards, and authorities strengthen supervision, will cyberspace become safer, even though scams continue to evolve.