VPS | Vigilance During Tax Settlement Peak Period

Amidst the complex cyber security situation in Vietnam, characterized by numerous fraudulent activities targeting users to install malicious mobile applications, especially during the peak tax settlement period of 2023 in April, VPS would like to warn our customers about the following tactics: 

1.  Individuals claiming to be officials from the Department of Taxation or any affiliated departments and branches calling and requesting personal information and ID card images under the pretext of assisting in tax reduction, tax refund, tax settlement procedures, inspection tasks, etc., and guide to install malicious mobile applications to receive information from the tax authorities. 
2.  Fake websites with interfaces resembling those of government agencies or businesses, from images to content, mislead victims into believing they are legitimate provider websites. 
3.  Impersonating SMS messages from the General Department of Taxation to disseminate fake messages. 
4.  Threatening phone calls, utilizing fraudulent tactics to embezzle taxpayers' assets. 
5.  Impersonating government agencies that provide public services and request personal information, send ID card images, and provide links with instructions to install malicious mobile applications to gain control over phones.

Given the above situation, the General Department of Taxation emphasizes that it does not authorize any organization or individual outside the Tax sector to collect taxes on its behalf. At the same time, it advises taxpayers to enhance vigilance by: 

1. Carefully examining the content of messages and calls, refraining from hastily responding to or fulfilling requested actions. 
2. To verify the identity and information of the subject, whether they are tax officials or not, taxpayers can call the official phone numbers publicly listed on the Tax Department's electronic portals/websites that use the https protocol and the national domain ".vn," or contact official channels for assistance to avoid being exploited by fraudsters. 
3. When receiving suspicious calls or SMS messages, keep evidence such as messages and call recordings and report them to the nearest law enforcement agencies and tax authorities. 

Source: General Department of Taxation's electronic portal https://www.gdt.gov.vn/ 

To prevent the risk of intrusion and theft of information from accounts avoiding financial losses, VPS recommends that customers take the following security measures: 

1. To prevent PIN/OTP theft, the 2-layer SmartOTP authentication method should be used, combined with biometric authentication measures such as fingerprints/facial recognition. 
2. Being vigilant when receiving calls, SMS messages, emails, etc., from unfamiliar sources. Avoid clicking on links, downloading, and installing applications as the source instructs. Carefully check the sensitive permissions the application requests, such as Accessibility, Read Message, etc. 
3. Only download and install applications from Google Play. Note: Android phones have only one trusted source: Google Play. Do not download applications from other sources or websites. 
4. Checking and revoking settings that allow installation of applications of unknown origin on the phone. Instructions for checking: Access settings menu > Security and privacy > Install unknown apps: here, find and revoke applications marked as "allowed." 
5. Avoiding transactions on phones that have been rooted, compromising security. 

In case of suspicion regarding device security issues, restore factory settings to clean the device if possible.