Illustrative image. (Source:

HCM City (VNA) - The State Bank of Vietnam has warned people using online banking services to be vigilant since many frauds have occurred recently.

Customers should follow banks’ guidance and regulations and pay more attention to certain security measures, it said.

Firstly, they must keep information about online banking services like username, password and one-time-password secure, not revealing them to anyone, even bank staff, through telephone, email or social network.

Secondly, they should protect their mobile phone and other devices used for online banking by installing anti-malware software and using password or fingerprint authentication.

Thirdly, the passwords should not be easy to guess or saved for the next transaction and should be changed often.

Fourthly, customers should not use public computers or wifi to access online banking services.

Fifthly, customers should directly type the bank’s URL instead of choosing links.

“Criminals often take advantage of customers’ credulity and carelessness to steal individual information and then take money from their banking account,” an SBV spokesperson said.

There are three common methods of fraud.

The first is a phishing attack. Criminals set up a fake website that looks like a bank or e-commerce website and send an email to people asking them to log into the fake website for some normal transaction like checking the account balance or changing the password.

If a customer does it, their private information is stolen.

The second is social engineering. Criminals make a phone call or send a message to people claiming to have won a big prize or pretending to be their relatives or friends and asking them to provide information about their bank account, card or OTP.

The third is malware attack by persuading people to enter into fake websites or email messages that include malware.

The malware will then worm into that person’s computer or smart phone and send all private and secured information to criminals.

Earlier this month a Vietcombank customer in Hanoi lost 500 million VND (22,500 USD) from her banking account.

The bank managed to retrieve 300 million VND (13,550 USD), but the woman lost the remaining 200 million VND (8,950 USD).

Soon afterwards banks informed customers about the fraud and reminded them to keep information secure and not provide any information through telephone, email, social networks or unknown links.

Yet, another person in HCM City was duped into providing OTP information and lost money.

Following the incidents, Vietcomebank (the Joint Stock Commercial Bank for Foreign Trade of Vietnam) on August 16 announced changes to activation methods of smart OTP services.

The changes to smart OTP services are aimed at improving security.

Accordingly, customers who have already used smart OTP and wish to continue using the services on their existing devices must re-activate the service via Vietcombank’s Internet banking service.

Those who have not registered for smart OTP services or want to change their devices, will have to go to Vietcombank branches to register and get the service activated.

OTP subscribers are encouraged to download the latest smart OTP application from Google Play Store and Apple Store.

Further investigations are ongoing.

Banks also urged customers to be alert against cyber-attacks.-VNA