A phishing SMS message posing as a genuine message from a bank. Photo baotintuc.vn

HÀ NỘI — Banks are warning their customers about phishing SMS scams that are once again on the rise.

Vietcombank said it had received multiple reported cases of scam SMS disguised as genuine messages recently. 

The fraudulent messages claim that the recipient's VCB Digibank application has been activated on an unknown device and ask them to click a link to identify the device.

Clicking on the link leads the victims to a fake website mimicking the application's login interface, where they are asked to enter their login name, password, and one-time authentication code to sign in.

Scammers then collect their login data to gain control of their bank accounts and steal their money.

"If customers accidentally disclose their data to a suspicious link, they should immediately deactivate their VCB Digibank account by texting VCB KHOA DIGIBANK to 6167 or calling our hotline," said Vietcombank.

The bank also said it was cooperating closely with relevant authorities to prevent the spread of phishing SMS and minimise any financial risks to its customers.

Maritime Bank said phishing messages appear genuine because they share the same folder with genuine messages on the recipients' mobile phones.

Phishing messages normally contain notifications of suspicious transactions requiring verifications or account suspension notifications.

These messages then ask the recipients to access a link to verify the claimed transactions or reactivate their accounts. Once victims enter their confidential data, scammers will use the data to seize their bank accounts.

The bank requests customers not to click on links embedded in SMS messages that contain similar notifications and never enter passwords, OTP codes, PIN codes, and activation codes into any suspicious links. 

The bank recommends customers call its hotline when they detect any suspicious activities in their accounts and never log in to any interface apart from the MSB mBank application and its official website.

Customers could verify a specific link's reliability by accessing the domain database provided by the Vietnam Internet Network Information Center.  

Experts recommend that customers, upon receiving a message requesting access to any links, take time to check whether the links are genuine.

As a rule of thumb, phishing links normally contain unusual characters that are never found in official links. — VNS