The Top 5 Malware Codes Targeting Vietnamese Users Through Phishing Emails.


A startling 18 million phishing emails attempted to get past firewalls in 2020, targeting unsuspecting recipients who lacked sufficient cybersecurity precautions. Surprisingly, half of those emails were effective at tricking recipients into clicking on fake links. As a result, a sizable number of victims became the prey of cybercriminals. This emphasizes the critical need for enhanced cybersecurity and increased knowledge of the risks associated with phishing attacks.

Phishing, the most popular form of social engineering attack, has detrimental impacts on a lot of businesses and the public. A misleading email’s main goal is to lead the receiver to believe it comes from a reliable source, such as a respectable business or bank. A phisher seeks to get private information from their victim, such as login credentials, passwords, financial data, or other sensitive data.

Malware may be downloaded onto a victim’s device when they click a link or download a file from a phishing email. Victims may also be sent to a fake website where they are asked to enter sensitive data. To persuade the recipient to take immediate action, these emails sometimes contain threatening or urgent language.

A closer look at how the malware codes are costing businesses billions.

According to the Kaspersky phishing record for 2021, Vietnam has the most email phishing attacks among the Southeast Asian nations. Kaspersky reported and banned 11.2 million phishing URLs globally, with 4 million of those links originating in Vietnam. Although Vietnam is not the only nation on the list, its cybersecurity efforts are insufficient to reduce the danger of cybercrime. Malaysia and Indonesia have also been included on the list for a long time.

According to BKAV Corporation, Vietnamese businesses have seen a high volume of phishing attacks in 2022, with a potential loss of VND 21.2 trillion by 2022. Yet, due to the value of its currency, Vietnam’s loss, which is equal to 0.24% of GDP, is one of the lowest globally.

The five most prevalent malware codes used for phishing attacks in Vietnam are:

1.      Macro – a collection of instructions or commands that a software program can run. Macro malware is a virus that attacks the victim’s devices with destructive software, and users frequently receive it in email attachments. When the user opens the attachment or document to read it, a popup may ask them to approve the macro. The virus is launched if the user agrees to the macro. Macro malware can also be disseminated by way of hacked websites or external storage units like USB drives.

2.      PasswordStealer – It is Trojan software that operates in the background and stealthily acquires information from the system. This malware regularly steals stored usernames, passwords, and other crucial credentials, in addition to other private information. The machine is therefore compromised by the installation of malicious website software. The malware also instructs the infected device to perform illicit acts, such as spamming, over the internet. The fact that this virus doesn’t manifest any symptoms when it infects a gadget is the most worrying element. Pretty cunning, huh? Also, it has the ability to disable Windows security measures like antivirus software.

3.      FileStealer – The only purpose of a filestealer is to steal data. It spreads through USB and impersonates legitimate document files by mimicking the PDF and Microsoft Office icons. Once launched, it works in the background. It looks for documents with the DOCX, XLSX, and .doc file extensions before transferring them to the hacker’s website.

4.      Advanced Persistent Threat (APT) – a type of cyberattack in which a hacker enters a network over a prolonged period of time without being discovered. APT attacks usually try to steal private information, such as credit card numbers, business secrets, or intellectual property. The attackers could also make an effort to harm the targeted business or destroy operations.

5.      Ransomware – It is a form of malware that encrypts the data of a victim. The attackers offer to restore file access when the victim pays the ransom. Email phishing scams are the most common delivery technique. An email from what appears to be a trustworthy source, such as a government agency, may be received by a victim. The victim’s computer becomes infected with ransomware if they click the link or download the file that is attached to the email.

Once activated, the ransomware often searches the computer for particular files. For instance, a document or image may be encrypted using a strong encryption method. Afterwards, typically in the form of a “lock screen” or a splash window, a ransom demand will manifest. The victim won’t have access to their own information. Usually, the attackers give the victim a window of time to pay the ransom. The decryption keys are deleted once the allotted time period has passed.
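For the macro-bearing attachments described in item 1, a mail gateway or triage script can flag Office files that carry a VBA project before a user ever sees the approval popup. The following is an added example, not code from the original article; the function names, result labels, and sample files are constructed for illustration.

```python
import io
import zipfile

OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # legacy .doc/.xls container header
MACRO_EXTS = (".docm", ".xlsm", ".pptm", ".dotm", ".xltm")

def triage_attachment(filename, data):
    """Classify an attachment as 'macro', 'mismatch', 'legacy-ole' or 'no-macro-found'."""
    if data.startswith(OLE_MAGIC):
        # Legacy binary formats can hold macros; they need an OLE-aware scanner.
        return "legacy-ole"
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return "no-macro-found"  # not an OOXML (zip-based) Office document
    with zipfile.ZipFile(io.BytesIO(data)) as archive:
        # OOXML documents keep their VBA project in word/, xl/ or ppt/ as vbaProject.bin.
        has_vba = any(n.lower().endswith("vbaproject.bin") for n in archive.namelist())
    if not has_vba:
        return "no-macro-found"
    # A VBA project behind a macro-free extension (.docx, .xlsx) is a stronger signal.
    return "macro" if filename.lower().endswith(MACRO_EXTS) else "mismatch"

def make_sample(with_macro):
    """Build a constructed, minimal OOXML-like zip in memory (not a real document)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr("[Content_Types].xml", "<Types/>")
        archive.writestr("word/document.xml", "<document/>")
        if with_macro:
            archive.writestr("word/vbaProject.bin", b"constructed placeholder, not VBA")
    return buf.getvalue()

if __name__ == "__main__":
    samples = [
        ("report.docx", make_sample(False)),
        ("invoice.docm", make_sample(True)),
        ("invoice.docx", make_sample(True)),
        ("old.doc", OLE_MAGIC + b"\x00" * 16),
    ]
    for name, blob in samples:
        print(f"{name}: {triage_attachment(name, blob)}")
```
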

The dangerous impact of PasswordStealer and APT.

The most deadly virus, called PasswordStealer, has infected 525k machines in Vietnam alone with 15k variations. While it gathers data from the victim’s Facebook, bank, e-wallet, and Gmail accounts, even two-factor authentication can be disregarded. APT launched many attacks on corporate and commercial targets last year, seriously harming Vietnam. And the source of all of this malware is a well-known phishing tactic: an email with a link attached that, when clicked, downloads the infection. As soon as that happens, malicious software and files are installed so that the hacker may take over the device.

What are the cyber-safe habits to keep in mind?

As technology develops, cybercrime such as malware attacks has become more unexpected and inventive. However, there are a few techniques to lower the risk, such as:

  • Install anti-spyware software programs and keep them up-to-date.
  • Use a secure network.
  • Use a strong and unique password and save it in a password manager so it is available in a time of crisis.
  • Keep the right email authentication tool, such as DMARC, enabled.
  • Limit the privileges of applications and software programs.
  • If you are a company, giving proper training and awareness to your workforce is a must.

How can DMARC assist?

In recent years, email fraud has greatly increased, growing from straightforward CEO fraud to complex phishing emails. Preventive measures have also advanced over time. The right tool can provide additional help in thwarting social engineering attacks like phishing. Businesses should also enforce strong security policies and give their staff the necessary cybersecurity training.

For instance, the email authentication tool DMARC (Domain-based Message Authentication, Reporting, and Conformance) stops fraudulent email from arriving in the recipient’s mailbox. To ascertain whether an email is genuine, it makes use of DKIM (DomainKeys Identified Mail) and SPF (Sender Policy Framework). Using DMARC will stop domain spoofing and email fraud. Nobody will be able to send emails in your name or the name of your company without your knowledge. Whether you are a corporation or an individual, you can prevent your email domain from being used to send phishing emails to other people. The reputation of your company is defended in this way. A DMARC record also allows you to determine who is attempting to impersonate you and what the subject of the phishing email is.

Modern technology makes it challenging to avoid cybercrime, but we can still practice cyber safety and spread knowledge. We can make it difficult for a hacker to mimic you by using the appropriate tool at the appropriate location.
