More than 8.5 million accounts were stolen in the first 6 months of the year in Vietnam

In the first half of 2025, VCS's Viettel Threat Intelligence system recorded nearly 8.5 million stolen Vietnamese user accounts, accounting for 1.7% of the total number of leaked accounts globally. In particular, many accounts are related to important systems such as corporate email, VPN, SSO, and administrative accounts. The loss of information on these accounts poses a high risk of unauthorized access, theft of internal assets, and sabotage of system operations.

In addition, Viettel Threat Intelligence detected 191 cases of data being sold in Vietnam in the first half of 2025, three times higher than the same period last year. The amount of data being sold reached nearly 3 billion records, equivalent to 482 GB of data, including personal information, customer records and internal systems of many reputable businesses. The cause of the leak often comes from unpatched security holes or previously compromised accounts that were not detected in time. Notably, during this period, 67 newly emerged security holes were identified that could directly affect Vietnamese businesses.

Viettel Cyber ​​Security's report also said that more than 4,500 fake domains and 1,067 phishing websites have been recorded in recent times. The scams are increasingly sophisticated, including impersonating banks, tax authorities, electricity companies, delivery companies, recruitment staff and even summer volunteer programs.

Mr. Tran Minh Quang, Director of the Center for Analysis and Sharing of Cyber ​​Security Risks, VCS, said that the victims of fraud are not only individual users, but also businesses or internal employees who have access to systems, finances or customer data. From there, hackers can penetrate deep into the organization's operational chain when the fraud is successful.

Cyberattacks are becoming more dangerous as they become more personalized thanks to AI and data collected from social networks, making it easier for users to fall into traps and difficult to identify threats, while traditional security systems find it difficult to detect.

VCS experts predict that AI and deepfake will become central elements of attacks in the second half of 2025. Automated phishing, deepfake voice/ video , and voice impersonation will make it difficult for users, especially corporate employees, to distinguish between real and fake.

In addition, fileless malware and ransomware as a service (RaaS) are on the rise. Hackers can purchase complete attack packages on the black market and deploy malware to targets with just a few clicks.

IoT platforms and blockchain ecosystems are also emerging as new targets for hackers. Weakly secured devices and poorly monitored distributed systems are becoming targets for attackers.

VCS experts recommend that businesses should shift from a "defensive approach" to a "proactive monitoring and early prevention" mindset by deploying a 24/7 information security monitoring system to identify attack campaigns early.

Businesses also need to regularly review and patch vulnerabilities in critical systems, especially software and devices that are vulnerable to hackers, and invest in next-generation security solutions. At the same time, it is necessary to assess the level of risk from suppliers and third-party partners to minimize risks from the supply chain.

An important factor is to build a culture of information security within the enterprise. Each employee needs to be trained to recognize signs of fraud and comply with minimum access rules to avoid attacks.