Experts decode the "online kidnapping" trick in the case of the missing female student

Behind this seemingly unbelievable incident is an increasingly sophisticated and dangerous scam scenario, known as "online kidnapping".

To clarify the operating mechanism, psychological manipulation tricks and prevention solutions, Dan Tri reporter had an interview with cyber security expert Vu Ngoc Son, Head of Technology and International Cooperation Department (National Cyber ​​Security Association).

Sir, the public is shocked by the case of two female students who were tricked to the point of isolating themselves in a hotel. Many people do not understand how young people, who are familiar with technology, can become victims so easily. From an expert's perspective, how do you explain this?

- Recent cases of students being "kidnapped online" show a worrying reality: even young people who are familiar with technology can still become victims of sophisticated fraud.

This is not contradictory, because “knowing how to use technology” is fundamentally different from “having digital security skills”. Criminals have learned to combine manipulative psychology with modern forgery techniques, creating highly believable scenarios that target the natural weaknesses of new students in the transition period: being away from family, integration pressure, lack of experience in handling legal and administrative situations.

So specifically, what psychological tricks and techniques did the bad guys use to trap the students, sir?

- Psychologically, bad guys often activate four main mechanisms: threats related to law and records; impersonating competent authorities (impersonating police, schools, banks); rare opportunities (fake scholarships, job opportunities, studying abroad); exploiting the confident, conquering psychology of young people (the mentality of "I'm good at technology so I won't be fooled" or "I'm old enough to seize opportunities").

When these factors come together with a sense of urgency, it's easy for victims to make hasty decisions, skipping basic verification steps.

Technically, criminals use OSINT (Open Source Intelligence), exploit public information from social networks, forums, and even leak personal information to concretize the scenario. They can fake voices, fake clothes, fake images, fake Facebook, websites, and fake documents to look exactly like the real thing.

They continuously send information, making the victim unable to review and believe that they are working with real people and real work.

The dangerous feature of this form is that the victim is asked to "stay on the line continuously", not to contact anyone and move away from a familiar environment (e.g. to a hotel) under the name of "secret verification".

This is a classic isolation technique: separating the victim from the support network (family, friends, teachers) to eliminate the mechanism of peer verification. Once the “script line” and the victim’s space are controlled, the subject increases the manipulation by alternating “superior - subordinate”, asking to record videos , send documents, or lead financial operations.

The attack chain usually includes: reconnaissance (data collection), staging (fake documents/websites), access (calls, messages, video calls), exploitation (threats - pressure), control (hold the phone - move), and then ends with blackmail or data/property appropriation.

AI and Deepfake technology are advancing rapidly. What role do they play in making these scams more dangerous?

- Although authorities and schools have issued many warnings, the effectiveness is still not commensurate due to three reasons:

First , warnings cannot cover every specific situation, and warnings cannot be personalized.

Second , the warning came at the wrong time because after the first exchanges, the victim was already “locked”, isolated and forbidden from outside contact.

Third , criminals use fake trust signals (websites, documents, agencies, organizations), causing general prevention messages to be “drowned out” by very convincing fake experiences at the scene.

The proliferation of AI has created a new generation of impersonators that are faster, more accurate, and more personalized. Subjects can impersonate relatives/teachers in real time, make video calls with Deepfake faces, chatbots respond to internal school procedures, and even create documents that “look” authentic.

These tools not only increase reliability but also shorten the time it takes to convince victims. As a result, the “true - fake signal” is heavily distorted, making traditional visual identification methods (looking at logos, looking at red marks, listening to voices) less effective.

Faced with such sophisticated tricks, how should students and people in general equip themselves with a "digital immune system", sir?

- A reality that needs to be frankly stated: many student-related procedures such as scholarships and profile confirmation are being moved online but lack a corresponding technological authentication mechanism.

Authentication and identification technologies have not been fully applied, so there is no tool for the recipient to authenticate electronically. In the context of new students leaving their families, pressured by deadlines and fear of legal involvement, these loopholes become "highways" for personalized fraud.

The root solution is to improve digital security capacity. Each individual needs to thoroughly understand the principle of stopping to verify through official channels, absolutely do not transfer money while still talking to someone claiming to be an agency, and should not handle situations where they are asked to hold the phone/move alone.

The four core competencies that need to be trained include:

Risk identification: Any requests related to money or legal documents must be verified through at least two independent channels (check the school/agency's official hotline yourself, or come directly).

The “5 seconds - 2 verifications” principle : Pause, breathe, then verify through two channels before operating.

Stay connected: Make a list of people to call in case of emergency (relatives, teachers, friends) and agree on a “family password” to check in with each other.

Stay informed: Follow official channels to spot new tricks and upgrade your skills. Also, set your default transaction limit low; don’t install remote control apps from unknown sources; disable sensitive access; and take screenshots of all evidence for early reporting.

Besides individual efforts, what is the role of family, school and management agencies in this fight, sir?

- Schools need to become “authenticity anchors” with a single portal for all important announcements; all electronic documents need to have a scientific authentication mechanism; clear policy statement: do not require important operations such as providing personal information, transferring money by phone.

In parallel, if possible, schools should organize a safety drill for the first number of courses with common scam scenarios, helping students practice the reflex of "hanging up - calling back to the official channel".

Families need to maintain regular contact, create an environment where children can immediately report any strange situations without fear of being blamed; agree on emergency contact rules, and instruct children to absolutely not go to strange places following "phone instructions".

On the management side, it is necessary to standardize electronic authentication in education : documents, notifications, and fee collection procedures must have mandatory technical verification mechanisms; issue inter-sectoral guidelines on handling situations where the phone is required to be kept on hold - considering this a high-risk indicator; build a focal point for receiving and responding quickly to connect relevant parties.

At the same time, increase targeted communication: short content, scripts that are close to the lives of new students, repeated during the "peak season" of enrollment.

“Online kidnapping” is the product of a convergence of psychological manipulation and technological forgery, accelerated by AI and Deepfake.

The gap is not in device knowledge, but in the gap between digital skills and digital safety skills.

To close that gap, we need a multi-layered safety ecosystem: individuals with a “digital immune system”; families and schools as authentication platforms; digital platforms that provide real-time checkpoints; and policies that create mandatory electronic authentication frameworks.

When these layers of defense work together, students – a vulnerable group in the transition period – will have more shields against increasingly sophisticated scams.

Thanks for sharing!

Source: https://dantri.com.vn/cong-nghe/chuyen-gia-giai-ma-thu-doan-bat-coc-online-trong-vu-nu-sinh-vien-mat-tich-20250925095241048.htm