Recently, many users have received spam messages containing brand names impersonating banks, or with obscene or vulgar content, asking users to access a link to view the content.
According to the Department of Information Security (Ministry of Information and Communications), this is a scam message, luring users to access a link to install malware or steal account information. To send brandname messages to users, the common trick of the scammers is to create a fake BTS transmission station.
Not a new scam
According to Mr. Vu Ngoc Son - Technology Director of Vietnam Cyber Security Technology Company NCS, the situation of sending fake brandname messages from banks has been recurring recently. These subjects use specialized devices, impersonating BTS broadcasting stations of network operators, sending SMS messages to phones within the coverage area of the device.
This station is about the size of a suitcase, can cover about 2km and send thousands of messages at the same time. The fake BTS station will interfere with the 3G, 4G signals around the BTS station of the network operator, then broadcast at high power, causing the phone device in the coverage area to receive the message. This is also the reason why many people in the same area will receive similar messages.
Because the format of SMS packets is simple and there is no information field to check the origin of the message, users' phones are easily fooled, grouping fake messages with real messages from the bank. Users therefore cannot distinguish fake messages from real messages and are easily fooled.
Fake brandname messages often come with a link. If the user follows the instructions and clicks on the link, they will be taken to a fake website with an interface identical to the bank's website.
Users operate on the fake website, enter account password information, then enter the OTP code. This information is collected by hackers and makes money transfer orders on the bank system, causing users to lose money immediately.
Because the fake BTS station device is compact, scammers can put it in a car and drive it to crowded areas such as traffic light intersections, crowded events, shopping malls, etc. to spread many SMS messages.
Such a fake device can send up to 70 thousand messages a day. All of these messages do not go through the network infrastructure, so they can impersonate any brand name to trick users.
According to Mr. Vu Ngoc Son, the reason why brandname counterfeiting is still rampant is because brandname messages are often trusted more by users than messages from junk SIMs.
Users easily lose their vigilance and click on malicious links sent in messages, leading to the risk of losing personal information, having their bank accounts and social media accounts hijacked, and even having malicious code installed to take control and track their phones.
This is not the first time Vietnamese users have received this type of scam SMS message.
In September 2022, the Department of Cyber Security and High-Tech Crime Prevention (Ministry of Public Security) discovered a transnational crime ring led by foreigners, specializing in spreadingscam messages .
The masterminds used equipment manufactured abroad to fake mobile transmitting and receiving stations of Vietnamese telecommunications companies. The equipment could fake the text message prefixes of agencies and organizations. Once they had collected mobile subscriber information, they spread 40-80 thousand messages per day on each set of equipment.
Recently, at the end of March 2023, Gia Lai and Quang Nam Provincial Police arrested a number of subjects using this method to defraud people of their property. The two subjects arrested by Quang Nam Provincial Police confessed: For every 10,000 messages sent, the subjects were paid 500,000 VND via virtual wallets. The two subjects received about 110 million VND from the person who hired them to spread the messages.
According to the Ministry of Information and Communications, in March 2023, this agency discovered and transferred to the authorities to investigate and handle 8 cases of using fake BTS transmission stations to spread spam, advertisements or fake messages to defraud people.
Users need to be more vigilant
Faced with increasingly sophisticated fraud methods and tricks, the Ministry of Information and Communications recommends that people raise their vigilance. Users must be cautious when receiving messages asking for bank account information, messages with links attached, messages from relatives asking to borrow money, etc.
On the other hand, when detecting unusual or suspicious signs of received messages or detecting someone installing strange electronic devices, especially in densely populated areas, people need to promptly notify the Ministry of Information and Communications, the Department of Information and Communications or the police agency to prevent and handle the situation.
In addition, the Ministry has just officially announced the launch of the Domain Name Information Lookup Portal. Through this system, Internet users can identify, authenticate and consider the information they are accessing on the network environment.
To look up domain name information, people can send a free text message with the syntax TCTM [Domain name or website link] to the switchboard 156 or look it up directly on the website tracuutenmien.gov.vn.
The returned information will indicate the domain name type, subject, organization that registers and manages the domain name... This is an effective support tool for users in identifying information sources on the network environment, thereby contributing to preventing and stopping fraudulent and illegal acts.
Mr. Vu Ngoc Son said that to avoid this, users should absolutely not click directly on links received via text messages, because in reality, banks never guide to update or change services via links sent in text messages. It is necessary to pay close attention to links, especially links with domain names other than .vn. In case of unclear cases, users can contact the bank directly via the hotline number to check the information.
Security expert Ngo Minh Hieu (National Cyber Security Monitoring Center - NCSC) said that this scam is not new and has appeared frequently in the past 2 years. Expert Ngo Minh Hieu's security team recorded that this year, about 30 thousand people were victims of these messages. Currently, some websites of the scammers have been blocked and removed.
"In case of receiving a message or a call, users need to verify the information. Look up the phone number of the bank, agency or organization that just contacted to verify the information. If the transaction feels unreliable, users should stop and remove this contact from their mind," Mr. Hieu shared./.
Comment (0)