Just by clicking on a strange link, many people have had their Zalo access stolen, their personal information leaked, or their bank accounts lost. Most of the cases stemmed from fraudulent links sent via private messages.
Below are the 5 most common types of messages that users need to be wary of to avoid falling into traps.
Message with survey link, receive gift
This is a form of fraud that appears with high frequency. Fraudsters send messages inviting users to participate in surveys to receive gifts, download free documents, view the support list or "verify information" to receive rewards.
When users click on the link, they are taken to a fake website designed to look like a legitimate survey site, where they are asked to provide their name, phone number, email, or even a photo of their ID.
Many people had their Zalo access stolen, personal information leaked or money lost in their bank accounts (Photo: Thien Di).
This data can then be used for fraud, resold to third parties, or used for identity theft.
Message asking to log in to Zalo or enter OTP
This is the fastest and most direct way to hijack an account. The scammer creates a login page with an interface identical to Zalo and sends a link with a reminder that says “The system requires verification”, “The account shows signs of abnormality” or “You need to log in again to continue using”.
If the user enters the phone number, password and OTP (one-time password to authenticate the transaction), the information is immediately transferred to the subject's server. Immediately after that, the Zalo account is hijacked. In many cases, the scammer continues to use the hijacked account to text the victim's friends to borrow money, borrow OTP or continue to spread malicious links.
Fake bank messages
Fraudsters use text messages that look like notifications from banks, such as “Account about to be locked”, “Transaction needed”, or “Increase credit card limit”. The text messages include links to websites with interfaces similar to Internet Banking.
Fake bank messages often lead to fake websites, causing users to reveal card information and lose money in just a few seconds (Illustration photo).
When users enter card numbers, login passwords, OTPs or security information, all banking data falls into the hands of the subject. Many victims have had their money withdrawn within seconds of declaring information.
Messages with links to email and messaging apps
This is a type of phishing attack that uses familiar platforms such as Facebook, Gmail, TikTok, or some popular email and messaging apps. The messages usually say “You have a new document”, “You received a video ”, “Verify to view photos”, or “System requires you to log in again”.
Users who log in to these websites will have all their information stolen. From there, criminals can access emails, steal personal data, and reset passwords for other important accounts such as banks, e-wallets, or social networks.
Message inviting "doing mission"
This is a widespread scam. Users are directed to a third-party app or chat room where an individual claiming to be an “admin,” “recruiter,” or “supporter” asks the victim to complete simple tasks in exchange for monetary rewards. The initial tasks are usually small in value to build trust.
As the victim continues to participate, the subject asks for more money to “unlock missions” or “increase the reward”. Once the amount of money is large enough, the subject immediately disappears.
How to avoid being scammed
Faced with the increasing prevalence of scams, Zalo has issued repeated warnings. The platform emphasizes that the most important step to protect yourself is not to access any links that appear unusual, even if they are sent by acquaintances.
Many subjects also ask users to open links from external browsers to avoid warning systems. In all cases, users should only open links from trusted sources. Remember that the accounts of acquaintances can be completely hijacked and used to spread malicious links.
Zalo recommends that users do not open strange links and report suspicious messages immediately to avoid having their accounts taken over or losing money (Photo: Thien Di).
When detecting suspicious messages, users should report them immediately. This is done by selecting “See more” in the upper right corner, then selecting “Report”. The application will receive and process them to prevent the dangerous link from spreading.
In case you accidentally access or enter information into a strange link, users need to handle it immediately by stopping access, changing Zalo and bank passwords and absolutely not providing OTP to anyone. At the same time, users should contact the bank to check the transaction and implement necessary protection measures.
Source: https://dantri.com.vn/cong-nghe/5-kieu-tin-nhan-tren-zalo-khien-nhieu-nguoi-mat-tien-ma-khong-hieu-vi-sao-20251209182916172.htm
Comment (0)