Mr. Nguyen Ngoc Quy, Head of the Card Association Risk Management Subcommittee (Vietnam Banks Association)
On August 16, 2024, at the workshop "Cards in the context and trends of digital payments", an activity within the framework of the 2024 Annual Conference and the 2024-2027 Term Conference of the Bank Card Association (Vietnam Banks Association). The Head of the Card Association's Risk Management Subcommittee shared and warned about some forms of fraud through card transactions and domestic payments.
Currently, non-cash payments and online payments have been developing rapidly, digital transformation of the banking industry is also gradually developing, which means that it will be accompanied by some issues of security, safety and security of payment to avoid scams against people.
According to Mr. Nguyen Ngoc Quy, Head of the Card Association Risk Management Subcommittee (Vietnam Banking Association), the risk of domestic card transactions/payments and international card payments is complicated and unpredictable with many sophisticated tricks. Criminals circulate money flows at a rapid speed, interbank scope and out of the banking system quickly.
According to statistics from the Risk Management Subcommittee, there are up to 24 sophisticated forms of fraud including: Deepface and Deepvoice Video Calls; Cheap travel combos; Forging money transfer receipts; Impersonating medical staff to report relatives in emergency; Recruiting child models; Notifying to lock SIM cards due to unstandardized subscriptions; Impersonating financial companies; Installing applications, links advertising gambling and betting; Website forgery; Website forgery; Securities and virtual currency investment fraud; Fraudulent recruitment of collaborators; Stealing social network accounts, sending fraudulent messages; Impersonating police agencies, the Procuracy, the Court; Selling fake and counterfeit goods on e-commerce platforms; Transferring money to the wrong bank account; Stealing ID card information to borrow money; Providing money recovery services after being scammed; Spreading fake news about FlashAI money-losing calls; Providing Facebook account recovery services; Seeding dirty ads on social networks; Giving lottery numbers; Love traps; Sending parcels, winning prizes.
In which, Mr. Quy pointed out two common forms of fraud in recent times:
Fake applications to take control of the device: First, the subjects will find a way to approach the victim through forms of impersonating state agencies, contacting the victim to request the installation of fake applications of state agencies such as: General Department of Taxation, Ministry of Public Security, Government, Public Services... Then, these subjects take control of the phone by instructing customers to authenticate personal information and activate online, then take over the Accessibility rights on the phone using the Android operating system to take over the right to use the banking App on the phone. The subjects will steal personal information and take over the customer's money in the card shown on the App, or request facial recognition on the fake application software, from there using facial information to make transactions on the banking app.
Customers are instructed by fraudsters to open a non-physical card on a banking app, tricked into providing the card number and OTP code to make transactions: At that time, the fraudsters will impersonate bank staff to contact via phone/social network to invite them to open a credit card online; Instructions to log in to perform eKYC (if they do not have a bank account) and open a non-physical card online. Then the customer follows the instructions, registers to open a card online on the app. In fact, it is a non-physical debit card and reports it to the fraudster. The fraudster asks to take a screenshot with the card information to send to the subject (maybe requesting to transfer more money into the account to prove financial capacity...). At that time, the customer has sent the information, the fraudster uses the card information to transfer money to electronic accounts, pay at information technology units under the electronic account. The request to provide OTP has been sent to the customer's phone, at that time, the customer has been scammed out of money by the fraudster.
Particularly for international cards, fraudsters exploit security vulnerabilities, collect customer information on a large scale or intentionally guess customer information to accumulate a large amount of customer/card information. In addition, there are some cases where customers intentionally take advantage of and commit fraud through the sales/refund policy features when complaints arise from Facebook, Google, Apple, etc.
With such sophisticated forms of fraud, individuals and organizations need to be more vigilant and cautious when facing strange phone calls and links.
Mr. Nguyen Ngoc Quy also proposed to strengthen closer coordination between functional agencies and units such as the Ministry of Public Security, the State Bank, the Card Association, the International Card Organization/Napas. Accordingly, Napas needs to speed up the issuance of coordination procedures to support the handling of accounts/cards suspected of being related to forgery and fraud among member organizations; The State Bank issues specific instructions on authentication methods as a basis for credit institutions to apply and implement compliance; International card organizations share information on the principle of supporting the market but providing free warning information, reducing fees for using appropriate warning programs...
N.A
