Zalo users need to be very careful because if they accidentally click on the document file, the malicious code will be automatically downloaded to the user’s phone and computer.
Recently on social networks is sharing information about the appearance of a Zalo account impersonating the Ministry of Health. Accordingly, this is definitely a fake account, because it is set up as a personal account. While, this logo and account name all use information and images of the Ministry of Health.
According to the online community, this account actively sent messages with information about the epidemic situation. Along with that, the account holder also attached a doc file called “MEDICAL DECLARATION FORM”, with a recommendation to the message recipient about the need to make a complete medical declaration according to this form.
|Strange Zalo account impersonating the Ministry of Health.|
However, there are signs that this is a trick to install malicious code by scammers. According to a network security expert, when analyzing the attached document file, although it is shared as a .doc file, the inside of this document file is in the form of .MHT.
In case the downloader opens this file, the commands contained in the file will trigger the download of the malicious file at the netw-man****.com website. This is clearly a trick to install malicious code on Zalo users’ devices both in the web version and on the app.
This is not the first time there have been cyber attacks and scams in the name of the Ministry of Health. Previously, according to the National Cyber Safety Monitoring Center (NCSC), some websites took advantage of people’s anxiety about health to fake information about applying for Covid vaccine vaccination subsidies. -19 and scam money bailout. In which, there are 2 main domain names being used by the objects: honap***.vn and minib***.vn.
Faced with the increasing frequency of such incidents, people need to be very vigilant and always have a precautionary mentality to protect themselves against the tricks of scammers. To distinguish, usually communication channels on social networks of agencies, organizations, units or celebrities often have “green ticks”. In addition, users should absolutely not download files, document files or click on strange links sent from an unknown account.
“Matrix” of spam messages advertising gambling, showing how to make money online
People should be wary of spam messages of unknown origin, especially those that advertise gambling and other forms of making money online.