With the extended 30-4 holiday, the demand for cashless payments and transactions has increased. However, as financial cybercrime is on the rise, scammers are constantly devising new tactics. BIDV has identified common scams such as using malware through suspicious links and fake applications to gain access and control over users’ mobile devices, including banking and securities applications, to steal large sums of money.
Scammers also impersonate BIDV’s customer care hotline and offer assistance with banking services such as cards, accounts, SmartBanking, and e-wallet linkages. They request personal information, account and card details, passwords, and OTPs, and may also send links with the intention of stealing assets.
Scammers use sophisticated tactics to impersonate banks and steal from customer accounts. (Illustration)
Imposters posing as police or tax authorities instruct customers to download fake applications like VNEID, VSSID, or eTax and perform transactions such as password changes or utility bill payments to gain access to their mobile devices. They then log into banking, e-wallet, or securities applications to steal assets.
BIDV asserts that the bank does not proactively contact customers to request complete card information (card number, expiration date, CVV code) or online banking details (login name, password, OTP). Therefore, BIDV urges users never to disclose such information to anyone under any circumstances.
“Be cautious of any requests to install applications outside of App Store/Google Play, especially through TestFlight (a platform that allows developers to invite users to test alpha and beta versions of their apps).
Never click on or open links sent by strangers or unknown sources across all platforms, including social media or messaging applications,” BIDV warned.
Cake by VPBank, a digital bank, also warned of a scam involving the impersonation of their brand to defraud and steal from customers.
Cake by VPBank stated that they had received reports from customers who received fake emails informing them of their eligibility for a high credit limit of up to VND 100 million.
Phishing email impersonating Cake by VPBank to steal customer account information
The scammers instructed customers to maintain a certain balance in their accounts and open a virtual payment card. They then impersonated bank employees, contacting customers directly or via Zalo and Messenger, and requested login information, card details, and OTP codes for account verification.
“After performing transactions on the virtual payment card, the scammers would steal money through online transactions and block all communication with the customer. Cake by VPBank automatically approves and adjusts credit limits without manual verification and does not require customers to provide account or card information for verification,” the digital bank advised.
Despite continuous warnings from banks, many customers have fallen victim to sophisticated scams and lost money to cybercriminals.
