Raise awareness of the risk of information disclosure in cyberspace

A series of sophisticated scam scenarios are constantly being "upgraded"

While cybercriminals used to focus on exploiting technical vulnerabilities, they are now shifting their focus to exploiting users’ psychology and lack of vigilance. Fraudulent methods are becoming increasingly complex, no longer limited to simple text messages or phone calls.

Criminals often take advantage of basic personal information leaked from various sources on the internet (such as full name, date of birth, phone number, etc.) to build convincing scam scenarios. From there, they impersonate authorities, bank employees or service providers to ask users to "verify information", "receive gifts", or "troubleshoot" to check information.

Notably, criminals can make a series of legal threatening calls while claiming to be from the police, the prosecutor's office, the court... with the purpose of creating psychological pressure, asking the victim to provide the above information or transfer money to a "verified account" to commit property appropriation.

In addition, recently, more sophisticated forms of fraud have continued to appear, such as using malware to spread messages, emails, applications containing malicious code, and strange links leading to fake websites. When users accidentally click or install, criminals can remotely take control of the device, thereby stealing bank account login information and other important data. In addition, criminals can use AI technology such as deepfake to fake images and voices of relatives and friends to carry out online fraud, making it difficult for victims to distinguish between real and fake.

Enhance user “resistance” through core principles

Faced with the above risks, financial institutions play a key role in advising customers to be more vigilant and implement a series of measures to protect personal information. For example, at Orient Commercial Bank (OCB ), information security is a prerequisite in all operational processes. The bank also continuously implements a series of measures to evaluate, assess and review internal as well as technological systems. These activities are carried out regularly to promptly detect, prevent and completely eliminate the risk of information leakage, ensuring that customer data is always protected at the highest level.

In addition, OCB recommends that customers need to be vigilant against online fraud. Absolutely do not access strange links, files or emails; do not follow instructions from suspicious calls or messages. Limit the use of public computers, public Wi-Fi when accessing electronic banking services; do not provide login names, passwords, OTP, card numbers or personal information via phone, email, social networks or other websites.

An important principle is that authorities and banks never ask customers to provide confidential information such as passwords, OTP codes or card numbers through unofficial channels including: phone, email, social networks... When suspecting information is leaked, users need to immediately change their password and use available security tools such as registering to receive balance change notifications via SMS to monitor their accounts. At the same time, it is necessary to immediately contact the authorities and notify OCB via hotline, email or at the nearest branch/transaction office for timely support.

OCB's leadership representative emphasized: "In the context of increasingly sophisticated technology crimes, the safety of each transaction is only truly guaranteed when there is close coordination between the bank and the customer. Therefore, we are committed to continuing to be a reliable companion, bringing customers the safest and most convenient experiences."