Warning of fake bank tricks to scan QR codes


A number of banks and police agencies in many localities have also warned against the trick of bank fraud to scan QR codes.

To avoid being caught in this new scam, banks advise customers to be very wary of requests to scan QR codes or access strange links. — Photo baobinhduong.vn

The Viet Nam Prosperity Joint Stock Commercial Bank (VPBank) has warned customers to be wary of tricks using fake banking QR codes to steal money from unsuspecting customers.

The bank warns that recently, in addition to sending fake login links to take over accounts or collect information related to credit cards, attackers have developed a method to send QR codes via social networks such as Zalo, Facebook or Viber.

Specifically, the attacker will impersonate a bank employee, call from a desk phone number with a sequence similar to the bank's switchboard number, and invite customers to upgrade their credit card limit or withdraw cash from their credit card or other financial services. Next, the crooks will send and ask the customer to scan the QR Code.

After the customer scans the QR Code, customers will be redirected to a fake website link asking customers to enter information such as full name, ID/citizen identity card, photo, card number, card expiration date and OTP sent to the customer's phone number, as well as the login information and password of a bank account.

Immediately after the customer provides the information, the fraudster will gain the right to use the internet banking account or credit card and perform the transaction to appropriate money.

A number of other banks and police agencies in many localities have also warned about the QR code trick.

To avoid being caught in this new sophisticated scam, banks advise customers to be very wary of requests to scan QR codes or access strange links.

Banks do not ask customers to provide card numbers, CVV2/CVC2 numbers (three security numbers on the back of credit cards) or any other personal information of customers via Zalo or an unknown phone number.

At the same time, it is also recommended that customers do not provide OTP / Smart OTP authentication codes to anyone including bank staff.

If you accidentally scan the QR, check the link again to identify it is a safe URL. — VNS

  • Share: