CyRadar, a cyber security company, on February 3, 2021 released a warning about the two groups of hackers who specialize in carrying phishing that target users of 27 commercial banks and e-wallets.
CyRadar’s Duong Thanh Hai said the company’s monitoring system recently discovered two IP server addresses used to place phishing websites. Since January 2021, 180 fake domain names have been found pointing to the two servers.
The first malicious server cluster has the IP address “193[.]abc[.]xyz[.]41”, which has placed a lot of websites with the domain names forging Military Bank and Techcombank, such as mbtk-bank[.]com, mbho-bank[.]com, mbmaybank[.]com, techvncom-bank[.]com, vntechcombank[.]com, techcomvn-bank[.]com, and vn-techcombank[.]com.
Meanwhile, the server cluster with the IP address “167[.]abc[.]xyz[.]51” targets many banks and e-wallets with the forged domain names such as hosomat2021[.]com, xacnhangiaodich165[.]com, giaisukien2021[.]com, tranggiaiviet2021[.]com, thutucvayvonvn[.]com, tracuutheonline[.]com, giaitang168[.]com, tinquathang2[.]com, traoquafb2022[.]com, hosovn2021[.]com, gamezingvn[.]com, hethongbank[.]com, yvtcvn[.]com, quanammoi2021[.]com, tinthuongthang2[.]com, inthuongthang2[.]com, traothu2021[.]com, giaitang2021[.]com, traoquaxe09[.]com, traoquaxe78[.]com, vtcpayvn[.]com, sukienxuan2021[.]com, trunggiai2021[.]com, xacminhgiaodich[.]com, xuan2021[.]com, mualegiai2021[.]com, legiaivang365[.]com, phanqua2021[.]com, and trianthang2[.]com.
The forged domain names assume the names of 27 banks in Vietnam and the best known e-wallets. There are also some domain names targeting social network users and gamers.
The experts from CyRadar commented that cybercriminals are increasing their operations, as the number of online transactions has increased on pre-Tet days.
The Vietnam National Cyber Security Center (NCSC) warned of five prominent cyber attack trends in 2021, including phishing attacks.
One of the reasons for the warning is the unpredictable development of the Covid-19 pandemic. Hackers may exploit the volume of information related to vaccines, governments and organizations’ reactions, and long-term impacts of the pandemic to conduct phishing attacks.
Thr trend of working from a distance also increases the risk of cyber threats.
Because of the limited awareness of many users, the number of phishing attacks accounts for the largest proportion among three types of cyberattacks to information systems. The other two include Deface and Malware attacks in the last three years.
NCSC discovered 5,168 cyberattacks to information systems in Vietnam that caused incidents, including 1,778 phishing attacks.
To avoid phishing attacks, experts have recommended users not to click abnormal links and thoroughly check the addresses of websites before entering passwords.
They also advised users to set OTP (one time password) for email, bank and social network accounts, as well as equip their computers and smartphones with suitable security software to protect their devices.