On the morning of November 28, a Samsung phone user shared a story of being "hacked" right on his device, along with questions about the security of the company's accounts. Specifically, Mr. D.T said that a few days earlier, while using Facebook, he came across a post about testing Samsung's new OneUI 7 Beta interface, with a link to a website attached.
The user identified it as a fake website with an interface similar to the official page of Samsung's Beta program (for developers and users who want to test software). When navigating to the page, the user is guided to access another link to log in directly to the account in the Samsung Member application (available on Samsung phones).
Two Samsung phones using the same account were locked after users tried to access a fake link.
"I was curious so I tried logging in and thought there was no need to worry if I didn't provide any information. However, just 6 days later, both Samsung phones I was using were permanently locked," Mr. D.T shared. "When I brought the phone to the Samsung warranty center, the staff there informed me that the phone could not be unlocked and advised me to create a new account for any other device."
"This incident made me feel shocked about the poor security level of Samsung phones and disappointed with the way the warranty center handled it, when they could not unlock the phone even though I had provided all the necessary information," Mr. D.T said indignantly.
In the video attached to the post, this user did not enter any personal information such as account name or password. Therefore, Mr. D.T believes that Samsung accounts are very easy to hack and that control of them can be lost in just a few steps.
Agreeing with the above viewpoint, many other users in the community group commented that this is a wake-up call for other members, and said they are concerned that a large enterprise like Samsung has a loose account security mechanism, with loopholes that allow hackers to easily attack. Facebook account owner Vu Duy Long commented: "I agree with the post owner. How can it be that with just the word 'Login', without providing anything, it still happens? If I click on a strange link, not from the company, how can the account automatically sync there... absurd."
Mr. HT, another user, was also surprised that his Samsung account could be hacked without entering a password: "How could I lose my account if I clicked the direct login link in the official app? It must be entering the account into a fake page?" This is also a concern for many people: users do not fill in any information but still lose their accounts, leading to device lock.
A Facebook page is running fake ads promoting Samsung's OneUI 7 Beta testing program.
However, there are also opinions that when users press the "Login" button with their Samsung account on the application, they have agreed to let the system use the information to authenticate the account.
Duy Luan, an influential reviewer in the technology community, said that in the steps recorded in the video Mr. D.T. provided, he allowed logging in with a Samsung account.
"Because it looks so real, you trust and allow it. I think this is a lesson learned and a warning, because this scam is really sophisticated. As for allowing login, it's similar to One Click of Google Account or even Apple ID," Mr. Luan explained.
Some other users also agreed with the above statement and said that the error originated from the owner of the post. From the beginning, this person affirmed that he knew that the website was fake but still actively clicked on it, which was a mistake. In addition, when the interface led the user to the Samsung Member application, the user agreed to authenticate using that account to log in on another system. Because the user's device was authenticated as a "Trust Device", when there was a manual consent action, the system would understand that as an approval to use account information (name, password) to log in to another party's system.
Be careful with all information on social networks
The Department of Information Security - Ministry of Information and Communications recommends that users be alert when choosing to buy products and services of technology companies advertised on Facebook. If there is a discount program, it will also be announced on the company's official website, rather than run as Facebook ads like the one above.
If you have any doubts about the authenticity of a promotion, contact the brand's customer service directly for verification. Promotions that seem too good to be true are often a sign of a scam.
Do not access links sent via text messages, emails, or social networks if you are unsure of their authenticity to avoid device takeover and property theft.
Don't give out personal or financial information: Reputable brands will never ask you to provide sensitive information like passwords, credit card numbers, or OTP codes through promotions.
People should be vigilant and not send donations or support for victims to accounts of unknown origin.
When receiving information online calling for donations or selling goods to help fight storms and floods, it is necessary to verify the content carefully. It is necessary to follow the official media to know the official organizations and reliable addresses that receive money and goods to support people in localities that suffered severe consequences of the storm.
Absolutely do not transfer money to individuals or organizations without clear identities. Only make donations through official accounts of state agencies or reputable organizations/individuals.
If you encounter a situation that you suspect is a scam, immediately report it to the authorities or to the brand being impersonated so that they can take timely action.