Many scammers have used sophisticated tricks aimed at users to install malicious code. If you are not alert, you can become a victim of hackers at any time.
Beware of getting infected with malicious code, losing your bank account because of following strange emails
Mr. H – an office worker in Hoang Mai, Hanoi suddenly received a strange email with the title of USPS (US Postal Service Company).
The content of the email said that a package of Mr. H was sent to the destination on August 3, 2021. However, this package will be returned due to a problem, possibly originating from the recipient’s address. The mailing side instructs Mr. H to access a link in the email if he wants to request to resend the order.
Never used the service of USPS, but out of curiosity, Mr. H decided to click on the link. Mr. H was then directed to a web page with a blank interface. Suspicious of the above results and tried to search for information online with related keywords, at this time, Mr. H knew that he had become the victim of an online scam.
|Scammers distribute spam messages under the name of USPS to lure users to click on strange links.|
Stories like Mr. H’s are not rare in today’s online world. In this case, the bad guys carried out the attack through the email sending service Sendgrid to be able to send a large number of emails at once, bypass filters, and even measure the impact of those emails on the network. the target audience to adjust.
According to US security company Cyren, phishing attacks via Sendgrid are on the rise. Phishing emails distributed by this service often impersonate the brands of global companies to gain trust to carry out phishing attacks. The victim is then tricked into clicking on a link to the scammer’s website.
|Anyone can fall victim to cyber hackers.|
When clicking on the above link, it is likely that a malicious code has been installed on the computer without Mr. H’s knowledge. This malicious code will then silently collect information such as passwords, accounts, keystrokes or sensitive images in the machine to send to the spreaders.
Not only spreading malicious code, in these attacks, bad guys can also trick victims into accessing fake websites with the same interface as the website of a financial institution or bank in order to steal information. login and password.
How to spot the tricks of a phishing email
Phishing attacks have been around for a long time. This is one of the simplest but dangerous forms of attack because the target audience is humans, the weakest link and the most easily exploited. However, there are different ways to spot scammers’ tricks.
Usually, bad guys will impersonate an agency, organization, business or individual that users trust to send phishing emails or links containing malicious code. Therefore, it is necessary to carefully check the email address sent to, to avoid being deceived by a fake address with a structure similar to the real address.
Next, pay attention to the subject of the email. A malicious email may contain a username in the subject line or a blank subject line. This is something to be wary of because regular emails always have subject lines and rarely mention usernames directly.
|Recently, Vietnam is one of the targets of cybercriminals.|
The most important thing is in the body of the email. Be wary if an email is sent with content related to verification, requests for personal information, announcements about winning prizes or about the delivery of a parcel or money.
Phishing emails often lead users to visit a link containing malicious code or a website with a fake interface to steal information. When encountering suspicious situations, users absolutely must not click on links that lead to strange websites.
In addition, users also need to be wary of files attached to emails. This is necessary even if these attachments have file extensions as common files such as .pdf, .doc or .xls. Most likely, hidden in those attachments are programs that are installed to automatically download malicious code to the user’s computer.
With attachments, users should use online tools (Google Doc, Google Excel) to open them. In case these tools report an error or cannot read the documents, there is a high chance that this is a phishing file. Users should immediately delete this document file to avoid clicking by mistake.
If before, users could only prevent and fight malicious code with anti-virus software, but now, they can choose information security solutions from network service providers themselves.
Unlike anti-virus software, which often causes “heavy machine” situation, choosing the best network security solutions is considered the best measure to eliminate phishing emails and protect users against malicious attacks. potential risks in the network environment.
Appeared Zalo account impersonating the Ministry of Health to send files containing malicious code
Zalo users need to be very careful because if they accidentally click on the document file, the malicious code will be automatically downloaded to the user’s phone and computer.