The English version is AI translated.

Continue
Issues
Leader's Remarks
Cover Story
Group Briefing
Honor and Personnel Change
Welfare
Office Talk
Hot Topic
Life Guide
Story
Editor

02.2023 Life Guide

"Harpoon fishing attack" seen from Korean dramas

Far Eastern New Century Corporation / Jane Junru
播放语音
/P30        In 2022, the Korean drama "Yu Yingwu, an extraordinary lawyer" was deeply loved by the audience. In addition to the high beauty and exquisite acting skills of the male and female protagonists, as well as the life-like and gripping stories, which resonated with the audience, it also connected many important issues and was very thought-provoking. Especially at the end of the event, Yu Yingwu, the protagonist, undertook a major incident of asset security - harpoon fishing attack, which shows that the importance of asset security issues is increasing day by day and has become a popular theme of Korean dramas.

        In the play "Yu Yingwu, an extraordinary lawyer", Rowan e-commerce company is one of the largest e-commerce companies in South Korea, with unlimited prospects. However, hackers used harpoon phishing to steal nearly 40.95 million user information and credit information (nearly 80% of the total population of South Korea). The hacker invaded the e-mail exchanged between the person in charge of the company's database and his brother, clearly grasped the content of their usual conversation, and even sent e-mail in imitation of his brother's tone. Since the mail itself is specially made malicious code to attack specific objects, the anti-virus software cannot detect it. Rowan Company was fined KRW300 billion (about NTD7 billion) by the Broadcasting and Communication Commission for failing to properly protect the user's personal capital. In addition, if more than 40 million users filed a class action claim, the e-commerce giant is likely to be on the verge of bankruptcy overnight.

                Harpoon phishing refers to sending an unidentifiable file in the name of the company or organization to a specific target in the form of e-mail to induce the mail user to further log in his account password, and the attacker can use this to install a Trojan horse or other spyware to steal secrets; Some hackers will also put virus automatic downloaders in the web pages that employees often browse, and continue to update the variant viruses in the infected system, leaving users struggling to cope.

        In this play, the database administrator of Rowan E-commerce Company clicks on the personal resume sent by the hacker who fakes his brother, and then spreads the malicious code hidden in the WORD file of the hacker to the computer, which leads to the harpoon attack. As the person in charge of the company's database, although he has been familiar with various phishing methods, he still lost his vigilance and fell into the malicious phishing e-mail trap, let alone the general users who are not familiar with the network.

        In the face of the ever-changing phishing scams, how can ordinary users prevent it? It is suggested to memorize the pithy formula of "one change, two checks and three anti-virus".

        ・ Change: Generally, the target of hacker fraud is the user's account password, so a secure and rigorous password is the first line of defense. Changing the password regularly and avoiding the use of simple passwords that are easy to guess can reduce the probability of being cracked by hackers.

        ・ 2 Verification: recent phishing scams are packaged into daily events that occur in the user's life through various links or text messages (such as links to anti-epidemic policy applications, links to supermarket packages, etc.). Therefore, do not click on any links easily. First confirm the source of the website and conduct relevant verification to avoid falling into the fraud trap.

        ・ Three antivirus: professional tools (such as antivirus software) can be used to identify and block viruses and strengthen network security.

        Modern people's food, clothing, housing, transportation, education and entertainment are inseparable from the network and information equipment, but the methods of phishing fraud are diverse and ever-changing. Not only does South Korea publicize the importance of asset security through Korean dramas, but the United States federal government has also held asset security propaganda activities in October every year since 2004, and set it as "National Cybersecurity Awareness Month (NCSAM)", hoping to enhance the importance of enterprises and the public to asset security, The theme of information security in 2022 is "See Yourself in Cyber". The organizer explained that network security seems complicated, but it is closely related to people. Users should pay more attention to information security issues to avoid falling into fraud traps, which will threaten their own rights and privacy security. All major countries in the world are leading the improvement of capital security awareness. Are you keeping up?

        ----------------------------------

        * Note

        Existing types of phishing:

        Phishing -- usually through email.

        Harpoon phishing -- precisely lock the e-mail of specific objects.

        Whaling - specifically targeting phishing emails from senior executives.

        Internal phishing - phishing attacks originating within an enterprise.

        Phishing - Phishing through telephone.

        Phishing newsletter -- phishing via mobile phone newsletter.

        Social media phishing - phishing using Facebook or other social media posts.

        Web address grafting attack (Pharming) -- an attack that invades the DNS cache.

        For more types of phishing, please refer to: http://bit.ly/3Jq2YLG

        Image source: Freepik

        

        
Back  Back To List
Comments(0)

Hot Issues

  1. Smart City Launching Far EasTone and ETC Taiwan Team Showcasing Brilliant Achievements
  2. The new environmentally friendly cement ship "Asia Cement Corporation No. 9" has officially joined the U-Ming Marine Transport fleet
  3. Asia Cement Corporation and Hualien fought side by side to overcome difficulties after the strong earthquake of 0403
  4. Carbon reduction support and green supply chain empowerment
  5. Jiangxi Yadong Cement was awarded the title of "2023 Youth Safety Production Demonstration Post" in Jiujiang City
more

The Latest

  1. Far Eastern New Century Corporation and Far EasTone Telecommunications won three awards in FinanceAsia
  2. Nanchang Yadong Cement was awarded the honor of "Top 20 Green Contributions" in Nanchang City in 2023
  3. Far Eastern Memorial Hospital collaborates with Asia Eastern University of Science and Technology to cultivate nursing professionals
  4. Far Eastern Group Shangri La and Mega50 "Taipei International Tourism Expo TTE" online travel exhibition opened on May 20th
  5. Pay taxes easily, save money, HAPPY GO Festival 100000 points, and then give NTD10000 department store gift vouchers
more

Recommend

Events

feib WMHappy
Far East SOGO Department Store
Official website new debut
Fe sogo department store so good kids selection
Start the new year with Far EasTone, good luck comes from the dragon, and give you Far EasTone coins to buy and use
FET Travel Insurance
FE Bank high interest deposit
Tonia Nicole New arrivals
OSC Online account opening
etc for business
ETC BANNER
a.mart
bankee
FETP