HÀ NỘI — The Joint Stock Commercial Bank for Foreign Trade of Vietnam (Vietcombank) and the Joint Stock Commercial Bank for Investment and Development of Vietnam (BIDV) have issued official warnings to customers over online phishing scams.

Both banks have reported information theft through e-banking counterfeiting, with cardholders’ negligence taken advantage of to steal their personal information, card data and passwords by asking them to input these on a fake website programmed to resemble the banks’ authentic online platform.

For example, two fake addresses were listed as homebank247.com/Bidv, or homebank247.com/Vietcombank. These fraud sites used forged interfaces mimicking the two banks’ real online banking services domains.

Vietcombank and BIDV confirmed that their official registered websites are vietcombank.com.vn and bidv.com.vn, respectively.

To protect personal information, Vietcombank said their customers should only use the website provided above and carefully read their safety transaction guide.

BIDV also advised customers not to login to the e-banking system from links sent via emails, which often contain unconfirmed advertising information from unknown sources.

If customers suspect that they have already accessed these fake links, they should change their password and contact BIDV for assistance immediately.

The move is a follow-up action by banks to ensure data thievery incidents, like Agribank’s 12 hacked accounts earlier in May, would not happen again.

The probability of cyber crime happening to banks is low as they have established security systems, so often times customers are a more vulnerable target, according to BIDV.

The majority of bank account thefts occur due to disclosure of personal information, said Hồ Đức Dũng, an expert in banking security.  

According to Dũng, cardholders should not deposit too much money in their ATM card accounts, and to set the lowest possible limit for credit cards in case of overcharges due to fraudulent activities.

He advised users to never lend anyone their card, and to change their personal identification number (PIN) often, as hackers could easily capture all personal information such as account numbers, PINs, or even CVV/CVC numbers on the back of the credit card to appropriate funds on the customer’s account.

Previously, the State Bank of Vietnam (SBV) reported that less than 11 per cent of cardholders in the country are aware that data thievery can occur to them instead of their financial institutions.

The SBV warned that e-banking users should understand their rights and obligations as customers, as well as the risks attached.

Previously, in 2017, the SBV noted a number of new fraudulent domain names registered for the purpose of mimicking banks’ official sites, not only to gain customer information, but also to provide untrustworthy loan services, customised to trick even seasoned users.

The SBV warned local banks about other hazards such as black box attacks and malware attacks, and required these bank branches to regularly inspect and monitor their ATM system to promptly detect suspicious signs, while installing 24/7 high-definition security cameras at withdrawal spots. — VNS