Increased use of AI to combat online fraud.

Bank account information theft and online fraud continue to run rampant despite Vietnam's implementation of strict regulations related to bank account identification and verification, and the requirement for biometric authentication for transactions. Why is this happening?

Speaking to Tuổi Trẻ newspaper, Mr. Ngo Tan Vu Khanh - business director of Kaspersky security company in Vietnam - said that applying biometric authentication methods such as facial recognition, fingerprints, and voice recognition helps minimize information security risks when conducting high-value transactions.

However, with the development of technology, potential vulnerabilities still exist and become targets for cybercriminals to exploit in order to carry out fraudulent activities.

Scams are becoming increasingly sophisticated.

* Could you be more specific about the vulnerabilities and how cybercriminals exploit them to attack people?

- First, deepfake technology remains one of the most serious threats. Cybercriminals exploit artificial intelligence ( AI ) to create highly realistic fake images and voices, easily bypassing authentication protocols, conducting unauthorized transactions, and weakening security systems.

In 2024, Kaspersky recorded that approximately 21% of phishing emails were generated using AI, indicating the increasing sophistication of these attack methods.

Furthermore, non-technical attacks remain one of the most common methods used by criminals to steal personal information.

They often impersonate bank employees to persuade customers to reveal OTP codes, photos of identification documents, and account information. Some scammers even make video calls to collect the victim's voice and face, then use this data to carry out fraudulent transactions or create fake accounts.

Many perpetrators impersonate authorities, threatening or manipulating victims to steal biometric data, leaving them no time to react. Malware is also a serious threat. Cybercriminals often trick users into downloading fake software disguised as biometric data collection applications through phishing links.

Once malware is successfully installed, hackers can remotely control and monitor the victim's activity and steal sensitive biometric data, including facial images and videos. This stolen information can then be exploited to bypass authentication systems, paving the way for fraudulent financial transactions using fake biometric identities.

It's not easy to completely prevent it.

* With the current user identification system, wouldn't it be easier to detect fraudsters stealing money from bank accounts, sir?

Investigating online fraud is a challenging task as infiltration methods become increasingly sophisticated and unpredictable. Cybercriminals exploit the anonymity and speed of the internet and employ a range of fraudulent tactics such as phishing attacks, malware distribution, and ransomware.

They use money and non-technical attack methods to deceive victims, while cleverly concealing their identities.

The advantage of online transactions is speed, but this very speed makes it easy for fraudsters to abscond with stolen money before authorities can intervene.

Furthermore, to avoid being traced, they constantly erase their digital footprints, making it extremely difficult to follow up on clues.

In particular, when criminals operate across borders, identifying, locating, and apprehending them becomes even more difficult because they can exploit legal loopholes between countries to evade responsibility and leave no trace.

* Are there any other challenges besides the technological gaps mentioned above?

- Another barrier stems from the victims' own psychology. Many hesitate to report incidents due to fear or apprehension of retaliation, inadvertently slowing down the evidence gathering process and hindering investigations.

This loophole allows criminals to continue operating unchecked, requiring closer coordination between individuals, financial institutions, and law enforcement agencies to improve the effectiveness of combating high-tech crime.

* Is it possible to completely prevent schemes that steal bank accounts and e-wallets?

- As technology advances, scams become more sophisticated, so we must always be vigilant against new fraudulent schemes. However, a positive sign is that most financial institutions are increasingly adopting advanced security measures, combining multiple layers of modern defenses such as biometric authentication, AI for fraud detection, and blockchain technology.

These solutions have proven remarkably effective in mitigating security risks and better protecting users.

Combining AI to fight fraud

* Can AI help authorities instantly track down fraudsters who steal money from other people's bank accounts and e-wallets, sir?

- Although AI cannot completely eliminate financial fraud, it remains a powerful tool for preventing and responding quickly to threats. Thanks to its ability to analyze massive amounts of data, AI can detect anomalies and fraudulent behavior in real time, enabling financial institutions to intervene swiftly.

However, real-time tracing of cybercriminals still faces many obstacles, including: the anonymity of some digital transactions, the prevalence of decentralized finance platforms, and legal challenges in prosecuting cross-border financial crimes.

Therefore, to stay ahead of cybercrime, governments and businesses need to invest heavily in AI innovation, improve the legal framework, and maintain regular preventative measures.

* In your opinion, what are the responsibilities of the relevant parties in detecting and preventing fraud involving the theft of bank account information and the misappropriation of funds today?

- Faced with increasingly sophisticated threats, financial institutions need to proactively enhance their self-defense capabilities and maintain constant vigilance. Authorities should strengthen public awareness campaigns about common scams, preventative measures, and how to respond when encountering fraudulent activities.

Organizations regularly monitor transactions to promptly detect anomalies and quickly prevent fraudulent activities. Businesses need to enhance cybersecurity training for employees to prevent non-technical attacks.

Network administrators need to regularly check and install updates to fix security vulnerabilities; deploy advanced security solutions capable of detecting anomalies in emails, such as unusual text patterns.

or suspicious metadata; and also update information on the latest threats so that cybersecurity experts can proactively respond to potential attacks...

Tips to protect yourself from online scams

- Avoid downloading and installing applications from unreliable sources, and regularly update your software to the latest versions to ensure maximum device security.

- Always use separate login credentials for each bank account to maximize security and minimize the risk of breaches.

Be cautious about requests for personal information from strangers and limit sharing personal information in any form.

- Be cautious when clicking on any links from unknown sources or suspicious online advertisements.

- Never share your account information, password, or OTP code with anyone.

- Enable multi-factor authentication or biometric authentication to enhance device security.

- Regularly check your bank and credit card statements, and immediately notify the bank if you notice any unusual transactions.

- Create strong and unique passwords by combining lowercase and uppercase letters, numbers, punctuation, and special characters; and enhance security by setting up two-factor authentication.

Source: https://tuoitre.vn/tang-dung-ai-ngan-lua-dao-truc-tuyen-2025030408103071.htm