.jpg "Phát tài liệu tuyên truyền phòng ngừa tội phạm cho hơn 400.000 hộ dân ở Hải Dương")
.jpg "Real estate market in the south of Hai Duong city is bustling")
.jpg "Extremely dangerous forest fire risk in Kinh Mon, Chi Linh")
-ac017d3d3ce25d3405471795d6bb26f0.jpg "Gia Loc needs over 10 billion VND to invest in renovating and expanding landfills.")
Submit a comment
There have been a series of cases where victims have lost tens and hundreds of billions of dong, the latest being the Chairman of Nhon Trach District. How did criminals take such a huge amount of money from customers’ accounts?
A series of other hot questions are also raised: how to make transactions safe, how do banks prevent it, and what solutions does the State Bank have to prevent it?
Ms. H., a businesswoman in Ho Chi Minh City, said that two weeks ago, a scammer impersonating a tax officer contacted her, texted her, added her on Zalo, provided her with a link and instructions to install fake tax agency software to declare taxes.
Thinking it was real, she followed the instructions and then her account "evaporated" 220 million VND. When she discovered that the money was missing from her account, she was shocked because she did not know how these scammers could transfer such a large amount of money while she set a daily transfer limit of only 10 million VND.
Mr. NHS (Hanoi) said he had just lost more than 300 million VND in savings deposited online at a bank headquartered in Hanoi. He said that 2 weeks ago he received a call from a strange number, claiming to be from the district police, contacting him with instructions on updating and resynchronizing his level 2 electronic identification account.
"I logged into the message and followed the instructions. Then, about an hour later, I received an SMS notification from the bank that I had just closed my online savings account of 100 million VND and my account was deducted 100 million VND. Meanwhile, I did not do anything" - Mr. NHS worried.
On March 22, the news that Ms. Nguyen Thi Giang Huong, Chairwoman of the People's Committee of Nhon Trach District, was scammed out of more than 100 billion VND shocked public opinion. Sources said that the scammers asked Ms. Nguyen Thi Giang Huong to open an account, then Ms. Huong mobilized money from relatives to deposit into the account.
In many ways, the online fraud group took tens of billions of dong from the current district chairman's account each time. The total amount of money stolen by criminals from Ms. Nguyen Thi Giang Huong has reached more than 100 billion dong, while Ms. Giang Huong said: "This is a case of hackers attacking the account. The money is in the account, I did not transfer the money."
Speaking to Tuoi Tre, a bank leader said that the above cases may have fallen into a new scam trap of abusing accessibility rights on some applications installed on the phone.
A common way to set traps is to impersonate functional forces such as police agencies, tax agencies to guide the installation and activation of level 2 electronic identification accounts (VNeid) or apps of the General Department of Taxation... through links they send to victims via social networks.
These are fake apps containing malicious code that can collect personal information, bank account information, request access permissions and from there the bad guys can remotely control, access personal data and read messages on the victim's phone.
When they control the bank account and the message containing the OTP code, criminals can easily transfer money to another account to appropriate it. That is why many people who lost money said they did not transfer money, did not receive notification messages... but the money is still lost.
According to the director of the digital banking division of a large joint stock bank, customers using banking apps in general on the Android operating system (not yet recorded on the iOS operating system) are at risk of having their phone usage behavior monitored, including the use of mobile banking apps and remote control.
Accordingly, hackers control the phone to operate without the user's knowledge, thereby stealing login information, passwords, PIN codes, and OTPs to steal money in the account.
Since the middle of last year, this scam has been on the rise and banks have issued warnings.
"The scammers take advantage of a permission in the Android operating system called "accessibility".
This right is created to support vulnerable customers such as the elderly, disabled, and those with limited functions such as poor eyesight, poor hearing, etc. to use the phone more conveniently.
However, hackers take advantage of this right to "record" - monitor user behavior and "remote" - remotely control customers' phones," the director explained.
To gain control of the phone, hackers will lure customers to click on links or download fake apps from agencies such as tax, electricity, job search or entertainment games... containing malicious code. This app will ask for "accessibility" permission and if the customer is not careful, they will click "accept", granting this permission to the app.
From then on, the fake app will monitor to collect customer login information every time the customer uses the banking app.
After having enough information, the hacker will wait until the customer's account has a lot of money or when it is late at night and the customer is not paying attention to the phone to remotely access the customer's phone to transfer money and steal it.
Speaking with Tuoi Tre, Mr. Pham Anh Tuan, Director of the Payment Department of the State Bank, assessed that the situation of people being scammed by high-tech criminals to steal money from their bank accounts is happening continuously, even though banks have warned about the tricks of the criminals.
A leader of the State Bank's Information Technology Department said that the tricks and methods of cyber criminals are becoming increasingly sophisticated.
They impersonate state agencies such as tax, police... and then present situations of updating, synchronizing level 2 electronic identification accounts, tax settlement, even saying they are related to drug trafficking... to manipulate people's psychology.
The scammers then trick people into clicking on links they send or installing apps that contain malware that can take control of Android phones.
"Taking control of a phone means that the scammer can read personal data, read messages containing OTP codes, and control the bank account application on people's phones.
The phone owner did not receive any messages even though he was holding the phone in his hand. And when he got into the other person's bank account, the thief transferred money and appropriated the property" - the leader of the Information Technology Department said.
According to banks, the defrauded money is often difficult to recover even when the perpetrator is caught because it is immediately transferred through many accounts or "laundered" through a complex system by converting it into scratch cards, digital money or depositing it into illegal betting and gaming accounts.
It is very difficult for customers to claim compensation from the bank for transactions authenticated by full login information and OTP authentication code and on the same device that the customer is using for other normal transactions.
Therefore, the banking system confirms that these are valid transactions made by the account holder, in accordance with the regulations on providing and using electronic banking services between customers and banks.
Therefore, banks can only coordinate with high-tech crime prevention agencies, police and investigation agencies to support customers. Banks and customers must wait for the investigation results from the authorities.
Banks also recommend that customers be vigilant, understand their rights and responsibilities when conducting banking transactions, especially in cyberspace; raise awareness of new tricks, which are constantly communicated in the press and from banks, to be more vigilant against scammers.
