Banks are prohibited from sending messages and emails containing links to customers.

The State Bank of Vietnam (SBV) recently issued Circular 50/2024/TT-NHNN (Circular 50) regulating the safety and security of providing online services in the banking sector. The Circular will take effect from the beginning of 2025.

Notably, regarding regulations on protecting customer rights, the Circular stipulates: Banks shall not send SMS messages or emails to customers containing hyperlinks to access electronic news sites, except in cases requested by customers.

The above regulation will help customers identify fraudulent messages. Because currently, scammers impersonating banks often use fake links to send to customers, through social networking sites (Facebook, Zalo ...), via SMS messages, emails. Accordingly, when customers access fake links, their security information of the electronic banking application (login name, password, OTP code ...) will be stolen.

Banks are not allowed to send messages or emails containing links to customers.

In addition, the Circular also stipulates that credit institutions must instruct customers to use Online Banking services to ensure safety and security. In particular, they must at least instruct customers: To protect the secret key, PIN, OTP and not to share the devices that store this information; Principles for setting up secret key, PIN and changing secret key, PIN of electronic transaction accounts;

Instruct customers not to use public computers to access and conduct transactions; not to use public WIFI networks when using Online Banking services; Do not save login names and secret codes, PIN codes on browsers; Exit the Online Banking application software when not in use;

At the same time, guide customers to identify and take action to handle some situations of fraud, fake news websites, Online Banking application software; Fully install security patches for operating systems and Mobile Banking application software; consider installing anti-malware software and update the latest malware identification model on personal devices used for transactions;

Choose transaction confirmation methods that have the required level of safety and security and are suitable for customer needs regarding transaction limits...

Do not use unlocked mobile devices to download and use Online Banking application software, OTP generating software; Do not install strange software, unlicensed software, software of unknown origin;

Immediately notify the unit in the following cases: loss, misplacement, or damage to the OTP generating device, the phone number receiving SMS messages, or the device storing the security key for generating the electronic signature; being scammed or suspected of being scammed; being hacked or suspected of being hacked.