Use strong passwords and change them regularly

Passwords are the first layer of protection for bank accounts. Account holders need to create passwords that are difficult to guess and do not involve easily guessable personal information such as date of birth, phone number, etc. because these are data that hackers can easily exploit through social networks or other public sources.

Use a password that is at least 12 characters long, including uppercase and lowercase letters, numbers, and special characters like @, #, or &. This variety adds complexity, making it harder to guess.

In addition, passwords should be changed periodically, at least every 3-6 months, to increase security. Storing passwords on the browser or writing them down in a visible place should also be limited to avoid information theft.
Protect your bank card information

Cardholders must not share their bank security code (CVV/CVC) with anyone in any form, including police or bank employees. Especially with credit cards, do not share card numbers, security codes, dates of birth, etc.

If you don't shop online often, temporarily block your online bank card to prevent any unauthorized transactions. Blocking your card will not affect your bank account and you can reactivate it at any time with just a few simple steps.

Choose ways to protect your bank account

You can take advantage of professional tools and services to enhance account security such as: Using reputable and paid antivirus software to protect your device from malware.

In addition, the banking system has been implementing many solutions to enhance account security. Common authentication methods: OTP code, Smart OTP, eKYC,...

Accordingly, before making a transaction, the customer will receive an OTP password sent to the phone number. This way, it can be ensured that only the account owner holding the OTP password can make a successful transaction.

The system to monitor, detect and prevent attacks will be activated as soon as there are signs of abnormalities. You can see the simplest when logging in with the wrong password, entering the wrong money transfer password more than the specified number of times (3-5 times depending on the bank),..., the system will automatically lock the account/card, the ATM will not return the card. To reopen the account, you need to go directly to the branch of the bank in charge and follow the instructions.

Enable two-factor authentication (2FA)

Two-factor authentication (2FA) is one of the most effective security measures available today. In addition to entering a password, 2FA requires a second layer of verification, usually a One-Time Password (OTP) code sent via SMS, email, or an authenticator app. This means that even if a bad guy knows your password, he still can't access your account without the verification code.

Currently, when opening an online bank account via a banking application, customers are required to authenticate biometrically with a chip-embedded ID card.

Update mobile operating system and digital banking

Digital banking applications are regularly updated to add new features, improve performance and enhance the user experience. Installing a new update means you are adding an extra layer of protection to your online banking account. To ensure you are using the latest features and enhancing security, enable automatic app updates on your phone or regularly check the app store (Google Play, App Store) to download the latest version.

Additionally, it is important to keep your phone's operating system up to date, as vulnerabilities in the operating system can be exploited to gain indirect, unauthorized access to banking applications.

Regularly check transaction history

Regularly checking transaction history not only helps manage spending but also detects unusual activities in the account early. Banks now provide the ability to view transaction history directly on the application or receive SMS/email notifications after each transaction.

Do not access fake links

Nowadays, information theft through strange links is becoming more and more common and sophisticated. Bad guys often send emails, SMS or use social networks to spread links to fake websites, with interfaces identical to the official websites of reputable banks or financial services. When users enter information such as accounts and passwords, bad guys will collect them to defraud and steal property. Some strange links also contain malicious code, automatically installed on the device and silently stealing data.

Be careful when accessing public Wi-Fi

Public Wi-Fi at coffee shops, airports, or shopping malls is often not heavily encrypted, making your data and personal information vulnerable to theft. To be safe, use mobile data (3G/4G/5G) when doing banking operations. If you must use public Wi-Fi, use a VPN (virtual private network) to encrypt your connection, making it harder for hackers to break in.

Beware of scams

Fraudulent methods are becoming increasingly sophisticated, from impersonating bank employees calling to request information, to sending text messages announcing "winning" prizes with fake links.

To deal with it, you need to identify common tricks and monitor and regularly update warnings from banks and reputable financial institutions...

(article compiled from information sources on Techcombank 's website)