VPS alerts customers to fraudulent activities related to installing counterfeit applications on mobile devices to gain access rights and steal customers' personal information.
Fraudulent campaigns using counterfeit software are still ongoing and increasing in Vietnam. These campaigns typically share the following characteristics:
- Attackers have access to victims' personal information, such as their full name, phone number, email, and ID card/passport number. This information is often obtained through leaks or trading on the Internet.
- Various scam scenarios have been recorded: Assisting with administrative procedures, tax settlements, resolving complaints, notifications from government agencies, etc., through phone calls, SMS messages, Zalo, Messenger, etc., tricking victims into downloading and installing counterfeit software.
- Attackers deploy counterfeit software in the form of Android APK mobile application installation files.
- Depending on the scenario, attackers deceive users into accessing and downloading the corresponding counterfeit software. Examples include Government, Public Services, and the General Department of Taxation.
- During installation, counterfeit software typically requests users to grant various sensitive permissions such as: Accessibility Read Message
Through these permissions, attackers can fully control the victim's Android device, including controlling it, stealing personal information, SMS messages and OTPs, money from bank accounts and securities, etc.
To prevent the risk of intrusion and information theft from accounts avoiding financial losses, VPS recommends that customers take the following security measures:
- To prevent PIN/OTP theft, use the 2-layer SmartOTP authentication method combined with biometric authentication measures such as fingerprint/facial recognition.
- Increase vigilance when receiving calls, SMS messages, emails, etc., from unfamiliar sources. Avoid clicking on links, downloading, and installing applications as the source instructs. Carefully check the sensitive permissions the application requests, such as Accessibility, Read Message, etc.
- Only download and install applications from the Google Play Store. Note: Android phones have only one trusted source: the Google Play Store. Do not download applications from other sources or websites.
- Check and revoke settings that allow installation of applications of unknown origin on the phone. Instructions for checking: Access settings menu > Security and privacy > Install unknown apps: here, find and revoke applications marked as "allowed."
- Avoid conducting transactions on phones that have been rooted, compromising security. If there is suspicion regarding device security issues, reinstall the device to clean it.
If there is suspicion regarding device security issues, reinstall the device to clean it.
