{"id":2065,"date":"2025-10-07T16:44:13","date_gmt":"2025-10-07T09:44:13","guid":{"rendered":"https:\/\/kienthucmo.com\/?p=2065"},"modified":"2026-01-24T20:54:45","modified_gmt":"2026-01-24T13:54:45","slug":"tim-hieu-phishing-co-che-tac-hai-va-bien-phap-bao-mat","status":"publish","type":"post","link":"https:\/\/kienthucmo.com\/vi\/tim-hieu-phishing-co-che-tac-hai-va-bien-phap-bao-mat\/","title":{"rendered":"Understanding Phishing: Mechanisms, Harm, and Security Measures"},"content":{"rendered":"\n<p>In the digital age, as people depend more and more on email, websites and online services, the risk of falling victim to online fraud keeps growing. One of the most common threats is <strong>phishing<\/strong>, an attack method that tricks users into handing over sensitive information. Many of us have received emails impersonating a bank that ask us to \u201cverify your account\u201d, or calls from people posing as government officials in order to defraud us. These situations not only worry users but can also lead to lost money, lost personal information, and even reputational risk for organizations. 
In this article, we will take a close look at <strong>phishing<\/strong>: how it works, the common types, the warning signs, the harm it causes, and effective ways to avoid it.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full is-resized\"><img fetchpriority=\"high\" decoding=\"async\" width=\"422\" height=\"258\" src=\"https:\/\/kienthucmo.com\/wp-content\/uploads\/phishing-email-fraud-hacker-hoodie.png\" alt=\"Understanding Phishing: Mechanisms, Harm, and Security Measures\" class=\"wp-image-2070\" style=\"width:670px;height:auto\" srcset=\"https:\/\/kienthucmo.com\/wp-content\/uploads\/phishing-email-fraud-hacker-hoodie.png 422w, https:\/\/kienthucmo.com\/wp-content\/uploads\/phishing-email-fraud-hacker-hoodie-300x183.png 300w\" sizes=\"(max-width: 422px) 100vw, 422px\" \/><\/figure>\n<\/div>\n\n\n<h2 class=\"wp-block-heading\">1. What is phishing?<\/h2>\n\n\n\n<p>Phishing is a form of cyberattack that targets people, with the goal of tricking users into providing sensitive information such as bank account details, passwords, credit card numbers or other personal information. 
The term \u201cphishing\u201d is inspired by \u201cfishing\u201d, because the hacker \u201ccasts the bait\u201d and waits for the victim to \u201cbite\u201d.<\/p>\n\n\n\n<p>This technique has been around since the 1990s. It initially targeted mainly AOL accounts, but it has since become more sophisticated and varied, targeting individuals, organizations, businesses and even government agencies. The main goal is to collect important information in order to steal assets, cause financial damage or gain unauthorized access to data.<\/p>\n\n\n\n<p><strong>Common examples<\/strong>: emails impersonating a bank that demand you \u201cverify your account immediately\u201d, or websites impersonating online services in order to harvest users' login credentials.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">2. Common types of phishing<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">2.1. Email phishing<\/h3>\n\n\n\n<p>This is the most common form of phishing and is often the \u201cgateway\u201d through which hackers reach users. The hacker sends forged emails that imitate reputable organizations such as banks, e-commerce platforms or online services. 
The email usually carries an urgent message, for example: \u201cYour account will be locked if you do not verify it now\u201d, or \u201cYou have received a gift, click to claim your reward\u201d. The aim is to make users hastily click the link or download the attachment, so that the hacker can collect login credentials or install malware.<\/p>\n\n\n\n<p>Example: an email sent from \u201c<a>bank@secure-bank.com<\/a>\u201d asks the recipient to \u201creset your password immediately\u201d. Users who do not look closely at the sender address or the URL are easily fooled into providing sensitive information.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">2.2. Spear phishing<\/h3>\n\n\n\n<p>Spear phishing is a sophisticated variant of email phishing that targets a specific individual, group or organization. The hacker carefully researches the victim, including their job role, habits and relationships, in order to craft an extremely convincing email. Because it is personalized, this type of phishing is much harder to detect than mass email phishing.<\/p>\n\n\n\n<p>Example: an email sent to a CEO requesting an urgent money transfer or asking for an important contract. 
Without care, the consequence can be the loss of thousands of USD or the leak of important information.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">2.3. Smishing &amp; Vishing<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Smishing:<\/strong> Phishing via SMS. The hacker sends text messages impersonating a bank or an online service, asking the user to click a link to verify information or claim a gift. Users are easily fooled because the message arrives on their personal phone, which creates a feeling of safety.<\/li>\n\n\n\n<li><strong>Vishing:<\/strong> Phishing via phone call. The hacker calls while posing as a bank employee, an insurance company or a technical support team in order to trick users into providing important information. These calls usually apply psychological pressure, so that the victim gives up information without thinking it through.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">2.4. Pharming<\/h3>\n\n\n\n<p>Pharming is a more advanced form of phishing that does not rely on email but instead redirects users to a fake website. The hacker can change DNS settings or create a website that closely resembles the official one, making it hard for users to tell the difference. 
The aim is to obtain login names, passwords or bank card data.<\/p>\n\n\n\n<p>Example: a fake banking website has an interface and logo identical to the real one, but its URL differs by a single character or uses an unfamiliar domain name, which makes it very easy for users to fall into the trap.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img decoding=\"async\" width=\"700\" height=\"394\" src=\"https:\/\/kienthucmo.com\/wp-content\/uploads\/Phishing-Email-la-gi.jpg\" alt=\"Common types of phishing\" class=\"wp-image-2072\" srcset=\"https:\/\/kienthucmo.com\/wp-content\/uploads\/Phishing-Email-la-gi.jpg 700w, https:\/\/kienthucmo.com\/wp-content\/uploads\/Phishing-Email-la-gi-300x169.jpg 300w\" sizes=\"(max-width: 700px) 100vw, 700px\" \/><\/figure>\n<\/div>\n\n\n<h2 class=\"wp-block-heading\">3. Signs of phishing<\/h2>\n\n\n\n<p>Recognizing phishing is an important skill for protecting personal information and online accounts and for avoiding financial risk. Hackers usually exploit users' inattention or haste, so knowing the warning signs well helps you react in time. 
Below are the common signs that I usually check for when receiving an email or visiting a website:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Unusual language and psychological pressure:<\/strong><br>Phishing emails often use urgent or threatening wording, for example: \u201cYour account will be locked immediately\u201d or \u201cVerify now to receive your reward\u201d. Other emails use an enticing invitation, such as \u201cYou have won a prize, click here to claim it\u201d. In addition, spelling mistakes or unusual grammar are also warning signs, because many hackers are not fluent in the local language.<\/li>\n\n\n\n<li><strong>Unfamiliar URLs or URLs that do not match the real website:<\/strong><br>Hackers often create fake links that closely resemble the official URL. Before clicking, hover the mouse over the link to check the real address. 
Avoid clicking shortened links or links containing strange characters, because these are a common means of leading users to a phishing website.<\/li>\n\n\n\n<li><strong>Requests for sensitive information:<\/strong><br>Reputable organizations such as banks, email services or e-commerce platforms never ask for passwords, OTPs, credit card numbers or personal information by email. If an email asks you to provide this information, that is a very clear sign of phishing.<\/li>\n\n\n\n<li><strong>SSL certificates and digital signatures:<\/strong><br>When visiting a website, check for the padlock icon in the browser's address bar and that the URL starts with HTTPS. Fake websites often have no valid SSL certificate, or use an untrustworthy free certificate that lets the hacker create a false sense of \u201csafety\u201d, so the padlock alone does not prove that a site is genuine.<\/li>\n\n\n\n<li><strong>Emails or websites that are out of the ordinary for you:<\/strong><br>If you receive an email from an organization you have never dealt with before, or a website looks different from what you are used to, this is also a warning sign. 
Hackers may reuse reputable brands to increase trust.<\/li>\n\n\n\n<li><strong>Check the email headers:<\/strong><br>Advanced users can inspect an email's headers to determine the real sender address: a hacker can forge the display name, but the headers will reveal the actual sending domain.<\/li>\n<\/ul>\n\n\n\n<p>Spotting these signs early helps you stop phishing before you are defrauded and effectively protects your accounts and personal data. Combined with other security measures such as two-factor authentication (2FA) or anti-phishing software, it makes using email and the Internet safer.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full is-resized\"><img decoding=\"async\" width=\"800\" height=\"576\" src=\"https:\/\/kienthucmo.com\/wp-content\/uploads\/phising.png\" alt=\"Signs of phishing\" class=\"wp-image-2074\" style=\"width:542px;height:auto\" srcset=\"https:\/\/kienthucmo.com\/wp-content\/uploads\/phising.png 800w, https:\/\/kienthucmo.com\/wp-content\/uploads\/phising-300x216.png 300w, https:\/\/kienthucmo.com\/wp-content\/uploads\/phising-768x553.png 768w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/figure>\n<\/div>\n\n\n<h2 class=\"wp-block-heading\">4. 
How phishing works<\/h2>\n\n\n\n<p>Phishing is a form of attack that combines psychology, technique and automated tools to trick users into providing sensitive information. It usually works in three main steps:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Exploiting user psychology (Social Engineering):<\/strong><br>The hacker relies on human psychology such as haste, fear of losing money, worry about a locked account, or greed for an immediate benefit. For example, an email warning that \u201cYour account will be locked within 24 hours\u201d makes users hastily click the link without checking whether it is authentic. 
This is the most important step, because phishing mainly exploits the human factor rather than technique alone.<\/li>\n\n\n\n<li><strong>Spoofing and redirection techniques (Technical Exploit):<\/strong><br>The hacker uses digital tools to make the email or website look real:\n<ul class=\"wp-block-list\">\n<li><strong>Email spoofing:<\/strong> Forging the sender address and a display name that looks like a bank or a reputable company.<\/li>\n\n\n\n<li><strong>Fake website \/ Pharming:<\/strong> Creating a web page identical to the real one, or changing DNS to redirect users, in order to collect accounts, passwords and bank card information.<br>These techniques make it hard for users to realize that the email or web page is fake.<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong>Using automated attack tools (Automated Tools):<\/strong><br>Hackers often deploy automated tools to send phishing emails in bulk, create fake landing pages, or collect data from users who have clicked the link. 
This lets the attack scale quickly, reduces manual effort and increases the success rate.<\/li>\n<\/ol>\n\n\n\n<p>Phishing therefore does not rely on technology alone; it also takes advantage of human psychology and automation to be highly effective. Understanding this mechanism helps users be more alert when they receive an unfamiliar email and avoid the risk of losing information and assets.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"684\" src=\"https:\/\/kienthucmo.com\/wp-content\/uploads\/phishing_smallslider-2019-1024x684.jpg\" alt=\"How phishing works\" class=\"wp-image-2076\" style=\"width:679px;height:auto\" srcset=\"https:\/\/kienthucmo.com\/wp-content\/uploads\/phishing_smallslider-2019-1024x684.jpg 1024w, https:\/\/kienthucmo.com\/wp-content\/uploads\/phishing_smallslider-2019-300x200.jpg 300w, https:\/\/kienthucmo.com\/wp-content\/uploads\/phishing_smallslider-2019-768x513.jpg 768w, https:\/\/kienthucmo.com\/wp-content\/uploads\/phishing_smallslider-2019-1536x1025.jpg 1536w, https:\/\/kienthucmo.com\/wp-content\/uploads\/phishing_smallslider-2019-1300x867.jpg 1300w, https:\/\/kienthucmo.com\/wp-content\/uploads\/phishing_smallslider-2019-800x533.jpg 800w, https:\/\/kienthucmo.com\/wp-content\/uploads\/phishing_smallslider-2019.jpg 1895w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n<\/div>\n\n\n<h2 class=\"wp-block-heading\">5. 
The harm caused by phishing<\/h2>\n\n\n\n<p>Phishing is one of the serious threats in the digital environment and can cause significant consequences for both individuals and businesses:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Theft of personal information:<\/strong><br>When users provide information through a fake email or website, the hacker can obtain email accounts, passwords, bank card numbers and sensitive personal information. This data can then be used for other fraudulent purposes or sold on the black market.<\/li>\n\n\n\n<li><strong>Financial loss:<\/strong><br>The hacker can carry out unauthorized transactions, transfer money out of the victim's account or shop online with the stolen card details. This money is usually hard to recover, causing direct losses for users.<\/li>\n\n\n\n<li><strong>Loss of reputation and trust:<\/strong><br>For businesses, if customers are deceived by fake emails or fake websites imitating the company, the company's reputation and its customers' trust will be seriously affected. 
This can lead to reduced revenue and long-term damage to the brand.<\/li>\n<\/ol>\n\n\n\n<p>Many large data breaches related to phishing have caused millions of USD in damage while also seriously affecting the reputation of the businesses involved. For example, some banks and large companies have had to notify customers to change their passwords en masse after hackers used phishing emails to collect login credentials.<\/p>\n\n\n\n<p>Phishing is therefore not only a danger to personal data but also a threat to the finances and reputation of individuals and organizations alike, which underlines the importance of recognizing and preventing these attacks.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"556\" src=\"https:\/\/kienthucmo.com\/wp-content\/uploads\/edit-what-is-url-phishing-and-how-to-prevent-it-1024x556.jpeg\" alt=\"The harm caused by phishing\" class=\"wp-image-2078\" srcset=\"https:\/\/kienthucmo.com\/wp-content\/uploads\/edit-what-is-url-phishing-and-how-to-prevent-it-1024x556.jpeg 1024w, https:\/\/kienthucmo.com\/wp-content\/uploads\/edit-what-is-url-phishing-and-how-to-prevent-it-300x163.jpeg 300w, https:\/\/kienthucmo.com\/wp-content\/uploads\/edit-what-is-url-phishing-and-how-to-prevent-it-768x417.jpeg 768w, 
https:\/\/kienthucmo.com\/wp-content\/uploads\/edit-what-is-url-phishing-and-how-to-prevent-it-1300x706.jpeg 1300w, https:\/\/kienthucmo.com\/wp-content\/uploads\/edit-what-is-url-phishing-and-how-to-prevent-it.jpeg 1417w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n<\/div>\n\n\n<h2 class=\"wp-block-heading\">6. How to avoid phishing and protect yourself<\/h2>\n\n\n\n<p>Avoiding phishing is an important step in protecting personal information, online accounts and digital assets. Below are some measures that I usually apply and recommend:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Check emails and URLs carefully before clicking:<\/strong>\n<ul class=\"wp-block-list\">\n<li>Always hover the mouse over a link to see the real URL.<\/li>\n\n\n\n<li>Check the sender's email address, and avoid clicking in emails that are unfamiliar or whose domain does not match the real organization.<\/li>\n\n\n\n<li>Do not open attachments from untrusted sources, especially .exe and .zip files and .doc files with macros.<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong>Use two-factor authentication (2FA):<\/strong><br>Enable 2FA for important accounts such as email, banking and social networks. 
Even if the hacker has the password, the second authentication step will prevent unauthorized access.<\/li>\n\n\n\n<li><strong>Update software and the operating system regularly:<\/strong><br>Security patches help prevent hackers from exploiting vulnerabilities in the browser, the email client or the operating system. This is a simple but very effective step for reducing risk.<\/li>\n\n\n\n<li><strong>Use anti-phishing tools and a browser with warning features:<\/strong><br>Browser extensions or security software can warn you when you visit a fake website or click on a dangerous email. Make sure you use a trustworthy browser and trustworthy security software.<\/li>\n\n\n\n<li><strong>Educate yourself and those close to you:<\/strong><br>Understanding the signs of phishing and sharing that knowledge with family and friends helps everyone stay protected. 
Discuss unfamiliar emails, suspicious links or unusual information before acting on them.<\/li>\n<\/ol>\n\n\n\n<p>These measures are not very complicated, but applied together they significantly reduce the risk of a phishing attack and keep personal information safe.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">7. Current phishing trends<\/h2>\n\n\n\n<p>Phishing keeps evolving, becoming more sophisticated and more varied over time. Below are the notable trends at present:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Mobile phishing is rising sharply:<\/strong><br>With the spread of smartphones, hackers are shifting their attacks to SMS (smishing) and mobile applications. Fake messages or in-app notifications can ask users to click a link or download a file, making the risk of being deceived higher than with traditional email.<\/li>\n\n\n\n<li><strong>AI phishing (using artificial intelligence):<\/strong><br>Hackers use artificial intelligence to create more sophisticated fake emails and websites that imitate the language, tone and layout of the real thing. 
This makes telling a phishing email from a genuine one harder than ever.<\/li>\n\n\n\n<li><strong>Combining with social networks (Social Media Phishing):<\/strong><br>Hackers use personal information from social networks to target victims precisely. For example, they can create fake technical support chatbots or pose as friends or colleagues on platforms such as Facebook and LinkedIn to trick users into providing usernames, passwords or other sensitive information.<\/li>\n<\/ol>\n\n\n\n<p>Overall, current phishing trends no longer rely on email alone but have expanded to mobile, social networks and AI applications, so users need to stay more vigilant and keep their knowledge of prevention up to date.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">8. Conclusion<\/h2>\n\n\n\n<p>Phishing is one of the most common online threats, exploiting both human psychology and technology to trick users into providing sensitive information. Phishing today happens mainly through email but has also expanded to mobile, social networks and AI. 
The consequences of phishing are very serious, including theft of personal data, financial loss and loss of reputation for both individuals and organizations. Fortunately, by staying vigilant, recognizing the signs, checking emails and URLs, enabling 2FA and updating software, we can reduce the risk. Understanding how the attack works and applying preventive measures is the key to protecting personal information. Phishing is also a reminder that knowledge and safe habits are the best shield in today's digital world.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Phishing is a form of cyberattack that targets people, with the goal of tricking users into providing sensitive information such as bank account details, passwords, credit card numbers or other personal information.<\/p>\n","protected":false},"author":1,"featured_media":2066,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"googlesitekit_rrm_CAowieHDDA:productID":"","footnotes":""},"categories":[19,20],"tags":[],"class_list":["post-2065","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-mang-may-tinh","category-an-toan-thong-tin"],"_links":{"self":[{"href":"https:\/\/kienthucmo.com\/vi\/wp-json\/wp\/v2\/posts\/2065","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kienthucmo.com\/vi\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kienthucmo.com\/vi\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kienthucmo.com\/vi\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/kienthucmo.com\/vi\/wp-json\/wp\/v2\/comments?post=2065"}],"version-history":[{"count":2,"href":"https:\/\/kienthucmo.com\/vi\/wp-json\/wp\/v2\/posts\/2065\/revisions"}],"predecessor-version":[{"id":3251,"href":"https:\/\/kienthucmo.com\/vi\/wp-json\/wp\/v2\/posts\/2065\/revisions\/3251"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kienthucmo.com\/vi\/wp-json\/wp\/v2\/media\/2066"}],"wp:attachment":[{"href":"https:\/\/kienthucmo.com\/vi\/wp-json\/wp\/v2\/media?parent=2065"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kienthucmo.com\/vi\/wp-json\/wp\
/v2\/categories?post=2065"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kienthucmo.com\/vi\/wp-json\/wp\/v2\/tags?post=2065"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}