In Southeast Asia, official government websites are frequently the subject of successful phishing schemes.
Scammers pretend to be from government agencies stealing personal information from unsuspecting victims.
One of the many phishing schemes includes targeting tourists who are desperate to enjoy travelling after an extended time under lockdown due to the Covid-19 pandemic.
During the pandemic, cybercriminals successfully impersonated various tourist document registration systems run by governmental agencies to steal the applicant’s personally identifiable information (PII).
Victims received suspicious emails informing them that they had to download a file from a malicious link to resolve a problem in their tourist pass application. Thousands of people who applied to enter the country were reported to receive fraudulent phishing emails asking for personal details.
In addition, an immigration service provider announced that there were several cases of voice phishing scams impersonating the agency using international phone numbers to defraud applicants of tourists wanting to enter the country.
In addition, some tourist application websites were found to charge applications more than 20 times the official fee.There are many commercial or private websites that offer immigration services.
It is important to note that some websites will promote legitimate services that applicants need to pay for. However, other websites can be phishing websites that can steal your money or private information.
To avoid these incidents, it is important to do a web search to see if there are reports made on that website.
Then, contact the website owner and make sure the user’s browser is up to date. Beware of websites advertised in emails by strangers and do not give your personal information unless the site is secure and the user knows who they are dealing with.
Read the disclaimers and terms and conditions and, if you choose to pay, use a protected payment method.