According to the Department of Information Security, messages that impersonate financial institutions and banks to deliver fake content and defraud users have recently been spread by bad actors through fake mobile broadcasting devices (fake BTS).
The Department of Information Security recommends that people check and carefully verify websites and apps in the messages they receive, including brand messages and messages from short numbers.
A new way of spreading phishing messages targeting bank users
Recently, as ICTnews has reported, many mobile subscribers have received messages impersonating financial institutions and banks such as TPBank, Sacombank, ACB, Zalopay … that carry fake and fraudulent content intended to appropriate people's money.
Users who are not careful and access the fraudulent websites are lured into providing personal information such as account, password, OTP code … and end up performing money transfers without knowing it.
According to security experts, because bad actors forge the identity messages (brandnames) of banks and e-wallets, many users lower their guard and are lured into visiting the fake websites the attackers have created.
Security experts had also suggested several ways the brandname messages of banks and e-wallets could be forged, such as: hackers exploiting or abusing services that provide identity (brandname) messages; hackers renting SMS service servers and faking the brandname to send messages to subscribers; or the victim's phone being infected with malicious code that then inserts impersonation messages among the text messages on the device …
However, in the official warning released on the afternoon of February 5, the Department of Information Security, the Ministry of Information and Communications, specifically described the methods bad actors use in phishing attacks targeting financial institutions and banks.
According to the representative of the Information Security Administration, verification and assessment showed that these fake messages did not come from the systems of financial institutions, banks or telecommunications businesses, but were distributed through fake mobile transmitters (IMSI Catcher / SMS Broadcaster).
“These are devices originating from abroad, being illegally purchased, sold and used by the objects for the purpose of spreading spam messages to deceive users, especially users in urban areas,” said the representative of the Department of Information Security.
Specifically, analysis shows that in the recent phishing attacks targeting banks and financial institutions, the attacker first used fake broadcasting equipment to send spam messages directly to mobile phones without going through the mobile telecommunications networks.
The perpetrators alter the sender details of these messages (phone number, prefix or identifier) in order to create trust and deceive users. The content of the message is often an advertisement or a guide, or contains a link to a fake website that resembles the official website of a financial institution or bank, to lure users and steal information such as accounts, passwords, OTP codes …
Next, users who do not realize the website is fake provide the personal information used to access their bank account, such as by entering their account name and password.
After the user provides the information, the fake website navigates to another website or tells the user to wait. At this time, the perpetrator uses the user's personal information to log in to the official website of the financial institution or bank to get the OTP authentication code (if necessary).
In the final step, after the user's phone receives the OTP authentication code, the fake website is redirected to a state that requires the user to provide the OTP authentication code. Users who are not alert provide the OTP to the perpetrator, who then completes the process of appropriating the money in the account.
Recommendations for users of banking and financial services
Commenting that this is a very sophisticated and dangerous behavior, the representative of the Department of Information Security said that the Department is cooperating closely with the police force, authorities, and telecommunications businesses to deploy measures to prevent, investigate, verify and handle law violators.
To help prevent and handle these attacks, the Department of Information Security recommends that people check and carefully verify websites and applications in the messages they receive, including brand messages and messages from short prefixes, and absolutely not access websites or applications of unclear origin.
When receiving a message with fraudulent or fake content, people are requested to report it to the Information Security Administration (VNCERT/CC Center) via the message number 5656 or via the website https://thongbaorac.ais.gov.vn/ so that the Information Security Department can promptly coordinate with relevant units to handle it.
In addition, the Department of Information Security also asks people to notify the police or the Department when they detect individuals using, trading or exchanging fake broadcasting devices (IMSI Catcher / SMS Broadcaster), through the Information Security Department's hotline number 0339035656.
During the Lunar New Year, hackers step up fraud targeting banking transactions and electronic wallets
According to experts, as the Lunar New Year 2021 approaches and the demand for online transactions, payments, gifts and lucky money increases, many hacker groups are taking advantage of the period to increase fraudulent activities aimed at users of banking and electronic wallet services.