Beware of new malware impersonating Google Chrome to trick people into stealing information

The situation of property fraud in Vietnam's cyberspace is becoming increasingly complex with many new and sophisticated tricks. During the week from April 15-21, the Department of Information Security (Ministry of Information and Communications) continues to support people in identifying and avoiding some common online fraud traps:

Warning about renting and buying bank accounts for fraud

Recently, according to the authorities, scammers often use rented or purchased bank accounts to transfer and receive money from victims, then launder money using various methods. The subjects post information about renting or buying bank accounts on forums, social networking groups or approach low-income workers, people with little knowledge of the law or students to rent them to open bank accounts for a price of 500,000 - 1 million VND/account. After opening an account, the account owner must hand over to the subject the Internet Banking login information, the phone SIM card used to register the account, the bank card, etc.

To avoid assisting criminals or being involved in illegal activities, the Information Security Department recommends that people take measures to ensure personal information security, do not share personal information or bank account information with strangers; Say no to any offers to rent or sell bank accounts. In case of detecting activities of buying or selling bank accounts, people need to immediately report to the police.

People also need to learn about the risks and legal consequences of leasing or selling bank accounts. In many cases, the account holder may be considered an accomplice to the subject or will be prosecuted."Crime of illegally collecting, storing, exchanging, buying, selling, and publicizing information about bank accounts"prescribed in Article 291 of the Penal Code 2015, amended and supplemented in 2017.

Seizing nearly half a billion dong with the trick of selling used cars

Two subjects HVC and NAV residing in Bac Giang were recently prosecuted by Lang Son police for fraud and property appropriation. To defraud victims of car deposits, the two subjects used fake Facebook accounts under other people's names, used technology to create fake car salon images as Facebook account backgrounds, used images of used cars on the internet to advertise for sale at cheap prices, and used phone numbers and bank accounts under other people's names to receive deposits. By the time of their arrest, the two subjects had defrauded nearly 100 people and appropriated about 500 million VND.

The Information Security Department advises people to be careful when buying and selling on social networks and e-commerce platforms; Check and carefully research information about the seller; Only transact when the level of reputation has been confirmed and ensure that the seller has sufficient detailed information about the product, quality images, and accurate descriptions. People should not buy products of unknown origin or at prices much cheaper than the market to avoid buying poor quality goods or having their property stolen.

Lost nearly 3 billion VND when being tricked into participating in online sales

A resident of Hanoi recently had more than 2.7 billion VND stolen when participating in investing in selling goods to receive commissions on carousell888.com, a website impersonating Singapore's Carousel e-commerce site. This victim was instructed to open a booth, post products provided by the subject, and when customers placed orders, pay the warehouse that provided and shipped the goods to the customers. When the amount of orders reached billions of VND, the victim could not withdraw the money. The subject continued to give many reasons to cheat the victim out of more money.

The Information Security Department recommends that people be vigilant against calls and invitations to become collaborators on fake e-commerce sites; be vigilant when receiving friend requests on social networks, carefully check the personal information of the account owner by monitoring the account's activity history or through traditional communication such as phone calls, face-to-face meetings, and video calls. When deciding to invest, people need to carefully check the legality of e-commerce platforms through the e-commerce management system of the Ministry of Industry and Trade.

Impersonating the People's Security Academy to trick people into helping them get back their lost money

Recently, a fake Facebook account of the People's Security Academy appeared to help victims recover money they had previously been scammed. Taking advantage of the psychology of those who had been scammed and wanting to get their money back, the subjects relied on the image of the People's Security Academy to create trust with the victims. When someone contacted them, the subjects instructed the victims to pay a fee for support or to do tasks to withdraw money from the system. After the victim transferred the money, the subjects informed them that the bank account had an error and would not allow them to withdraw the money.

Emphasizing that this form of fraud has been warned many times, the Information Security Department recommends that people raise their vigilance and equip themselves with knowledge to protect themselves on social networks. The most important thing is that people do not provide personal information to anyone, because information disclosure will lead to many worrying consequences. People should not look for social networking sites that introduce ways to get back the money they have been scammed, to avoid falling into the trap of scammers.

Cybercriminals impersonate LastPass employees to hack password vaults

LastPass, a password management service provider, has issued a warning about a malicious campaign targeting its users with the CryptoChameleon phishing kit linked to cryptocurrency theft. The attackers are using a variety of sophisticated techniques, including voice phishing, to contact potential victims, pretending to be LastPass employees trying to help secure accounts after discovering unauthorized access.

The Information Security Department recommends that users of popular password management services be cautious of suspicious phone calls, messages or emails claiming to be from LastPass. Users should never share personal information or follow the requests or instructions of the subject without verifying their identity. If they encounter such a situation, users should report it to LastPass via the address 'abuse@lastpass.com' for support.

New malware "Mamont" impersonates Google Chrome to steal information

Security researchers have recently discovered a new Android banking trojan called 'Mamont' that disguises itself by impersonating the popular Google Chrome web browser to steal information such as passwords, texts, photos, and contacts from users. Currently, the malware only targets Russian speakers, but experts say it won't be long before the threat actors behind 'Mamont' expand their targets.

To avoid becoming a victim of personal information theft and malware, the Information Security Department recommends that people should be careful with strange links, absolutely do not download software of unknown origin; Do not provide sensitive personal information such as citizen identification number, credit card number, bank account number, OTP code...

Additionally, since the malware has the same icon as Chrome, it is difficult for users to distinguish. To stay safe from Android malware, users should avoid downloading and installing apps from untrusted sources. When installing an app, users should also pay attention to the permissions that the app requests.