Discovering Over 125,000 Fake Websites Impersonating Agencies and Organizations in July

The Authority of Information Security (AIS) revealed in its July report on cyber scams that the National Cyber Security Center (NCSC) identified 125 websites in July impersonating reputable brands, engaging in online fraud.

Out of the 125 newly found websites, 52 mimicked banks, financial institutions, and e-wallets, making up 41 percent. Meanwhile, websites imitating major e-commerce platforms like Lazada, Shopee, Tiki, and Sendo represented 37 percent of the total fraudulent websites uncovered in July.

The list of bogus websites also encompassed those posing as news portals of government agencies and organizations such as the General Department of Taxation (GDT), Vietnam Social Insurance, Ministry of Justice, Government Inspectorate, and Government Office.

The surge in online scams is evident in the rise of user-reported scams. In July 2024, almost 6,800 reports were submitted to NCSC via canhbao.khonggianmang.vn.

Approximately 1,700 complaints and reports were received each week, highlighting that fake websites of banks and e-commerce platforms remained predominant.

As per Viettel Cyber Security, online scams have seen a steady increase in the initial months of 2024. Viettel Threat Intelligence identified 2,400 phishing domain names targeting users and clients of prominent entities in Vietnam, marking a 1.2 times increase from the previous year.

The system also flagged and alerted 496 websites unlawfully impersonating brands of significant institutions in Vietnam, quadrupling from the same period in 2023. The financial and banking sector faced the highest cyberattack occurrences, with 71 percent of the attacks geared towards this field.

Viettel Cyber Security’s specialists identified the three prevalent scam tactics employed by hackers in their early 2024 assaults: masquerading as credit card-linked services; posing as authorities and persuading users to install malicious Android applications on their mobile devices; and pretending to be lenders offering help in recovering capital and suspended funds.

AIS advised units, organizations, and businesses to scan their information systems to uncover websites impersonating them, issue alerts to service users to thwart scam operations.

Experts suggested that users be vigilant of warning signs, utilize secure browsers, verify secure connections, exercise caution with emails and links, refrain from clicking on unidentified email links, and adopt additional authentication measures.