{"id":10493,"date":"2025-07-16T12:37:32","date_gmt":"2025-07-16T05:37:32","guid":{"rendered":"https:\/\/infosec.new88088.net\/?p=10493"},"modified":"2026-02-05T12:37:40","modified_gmt":"2026-02-05T05:37:40","slug":"canh-bao-lua-dao-tuyen-dung-nup-bong-thuong-hieu-lon-de-danh-cap-tai-khoan","status":"publish","type":"post","link":"https:\/\/infosec.new88088.net\/2025\/07\/16\/canh-bao-lua-dao-tuyen-dung-nup-bong-thuong-hieu-lon-de-danh-cap-tai-khoan\/","title":{"rendered":"Warning: Recruitment scam hides behind major brands to steal accounts"},"content":{"rendered":"<p><b>A sophisticated phishing campaign is targeting job seekers through fake recruitment emails that borrow the names of global brands such as Red Bull to build trust and deceive recipients.
These are not the blatant or misspelled emails seen in earlier scams but professionally presented messages that arrive from sender addresses that seem trustworthy.<\/b><\/p>\n<div style=\"text-align: center\">\n<div class=\"bbImageWrapper  js-lbImage\" title=\"mail.png\" data-src=\"https:\/\/whitehat.vn\/attachments\/mail-png.17319\/\" data-lb-sidebar-href=\"\" data-lb-caption-extra-html=\"\" data-single-image=\"1\"><img fetchpriority=\"high\" decoding=\"async\" class=\"bbImage\" title=\"mail.png\" src=\"https:\/\/whitehat.vn\/attachments\/mail-png.17319\/\" alt=\"mail.png\" width=\"700\" height=\"390\" data-url=\"\" data-zoom-target=\"1\" \/><\/div>\n<\/div>\n<p>In this case, the email was sent from the domain post.xero.com, a genuine address belonging to a legitimate system, and it passed all verification mechanisms such as SPF, DKIM and DMARC. As a result, mail filtering did not flag it as suspicious and the content readily appeared in the user's primary inbox.<\/p>\n<p>The email advertises a remote \u201cSocial Media Manager\u201d position with a clear description, polite wording and a plausible context.
The role is in media and social networking with a flexible working arrangement, in line with current hiring trends, especially after the Covid-19 pandemic. This very familiarity lets the email's content slip past the reader's initial caution.<\/p>\n<p>When users click the link in the email, they are taken through a reCAPTCHA page and then forwarded to an interface that imitates Glassdoor. The site is designed to be almost indistinguishable from the original, from colours to layout, which makes it very hard for users to spot anything unusual. After clicking the \u201cApply\u201d button, users are sent to a Facebook login page. If they enter their login details there, the data is not sent to Facebook but goes straight to the attacker's server without the user knowing.<\/p>\n<p>Behind the fake pages is a methodically deployed attack infrastructure.
The malicious domain was registered recently and the server is hosted in AS-63023, an IP network previously linked to many short-lived attack campaigns. A valid HTTPS certificate issued through Let\u2019s Encrypt removes the usual security warnings entirely. The TLS fingerprint matches other fake pages that previously targeted Meta and MrBeast users, which indicates a ready-made phishing kit under the phishing-as-a-service model that anyone can deploy without advanced skills.<\/p>\n<p>To avoid falling victim to scam campaigns of this kind, users should keep several important points in mind:<\/p>\n<ul>\n<li data-xf-list-type=\"ul\">Do not log in to personal accounts such as Facebook or Google through any link in a recruitment email unless the sender has been clearly verified<\/li>\n<li data-xf-list-type=\"ul\">Check the sender's email address carefully, especially the domain part, and compare it with the company's official information<\/li>\n<li data-xf-list-type=\"ul\">Look at the website's domain name before entering any information.
Domain names that are unusually long, contain odd phrases or deviate from the brand name are warning signs<\/li>\n<li data-xf-list-type=\"ul\">Do not rush to trust job offers that seem too attractive, especially when they coincide with a sensitive moment such as having just sent a CV or being unemployed<\/li>\n<li data-xf-list-type=\"ul\">Look for recruitment information on the company's official website instead of clicking links in emails<\/li>\n<li data-xf-list-type=\"ul\">If something seems suspicious, stop and ask a trusted source such as colleagues, IT administrators or a specialist forum<\/li>\n<\/ul>\n<p>Today's phishing campaigns are no longer blasted out en masse at random as before; they are gradually shifting to targeting specific victims and are designed to be sophisticated and much harder to detect.
A job offer that is not carefully verified can become an open door to identity theft and unauthorised access to personal or corporate systems.<\/p>\n<p>When trust in a brand is exploited, seeing a familiar logo in an email no longer means safety. Caution remains the first and most effective layer of protection against increasingly sophisticated scams.<\/p>\n<div style=\"text-align: right\"><b><i>According to Cyber Press, WhiteHat<\/i><\/b><\/div>\n<div style=\"text-align: right;margin-top: 16px\"><i>Source: <a href=\"https:\/\/whitehat.vn\/threads\/canh-bao-lua-dao-tuyen-dung-nup-bong-thuong-hieu-lon-de-danh-cap-tai-khoan.18567\/\" target=\"_blank\" rel=\"noopener noreferrer\">https:\/\/whitehat.vn\/threads\/canh-bao-lua-dao-tuyen-dung-nup-bong-thuong-hieu-lon-de-danh-cap-tai-khoan.18567\/<\/a><\/i><\/div>\n","protected":false},"excerpt":{"rendered":"<p>A sophisticated phishing campaign is targeting job seekers through fake recruitment emails that borrow the names of global brands such as Red Bull to build trust and deceive recipients.
These are not blatant or misspelled emails like the [&hellip;]<\/p>\n","protected":false},"author":46,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[33],"tags":[],"class_list":["post-10493","post","type-post","status-publish","format-standard","hentry","category-tin-tuc-cua-vien"],"_links":{"self":[{"href":"https:\/\/infosec.new88088.net\/wp-json\/wp\/v2\/posts\/10493","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/infosec.new88088.net\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/infosec.new88088.net\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/infosec.new88088.net\/wp-json\/wp\/v2\/users\/46"}],"replies":[{"embeddable":true,"href":"https:\/\/infosec.new88088.net\/wp-json\/wp\/v2\/comments?post=10493"}],"version-history":[{"count":0,"href":"https:\/\/infosec.new88088.net\/wp-json\/wp\/v2\/posts\/10493\/revisions"}],"wp:attachment":[{"href":"https:\/\/infosec.new88088.net\/wp-json\/wp\/v2\/media?parent=10493"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/infosec.new88088.net\/wp-json\/wp\/v2\/categories?post=10493"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/infosec.new88088.net\/wp-json\/wp\/v2\/tags?post=10493"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}