Popular scam

Recognize tricks to fake websites of agencies and businesses to commit fraud

According to a report from the Department of Information Security, fraud by impersonating the electronic information page of an agency or business is one of the 24 most common forms of fraud as of the first half of 2023. So what to do? How to recognize and avoid scams [...] from Recognize tricks to fake websites of agencies and businesses to commit fraud

Avatar photo

by Editor

schedule 11/07/2023

According to a report from the Department of Information Security, fraud by impersonating the electronic information pages of agencies and businesses is one of 24 most common forms of fraud as of the first half of 2023. So how to recognize and avoid this scam? Let's Anti-Phishing (CLĐ) learn more through the article below.

Article table of contents hide
I. Current status of fake electronic information pages
II. Identifying characteristics and fraud tactics
III. How to avoid being scammed

I. Current status of fake electronic information pages

In recent years, with the explosion of Information Technology, creating a fake website is no longer too difficult. Fraudsters can create websites with an interface similar to the website of an agency or business from images, interface and content so that users mistakenly think it is the provider's website.

Then, the subjects will use fake brand messages with content that requires users to access a fake link, declare personal information, bank accounts and then perform the act. stealing, appropriating user data information, fraud. As of June 2023, CLĐ has recorded 531 Fraud cases using this trick.

In April, the Ho Chi Minh City Tax Department announced the existence of a number of people impersonating state officials, providing links and instructing users to install fake applications of state agencies. to take control of phones, smart devices, steal personal data and bank account information to appropriate property.

Previously, Vietnam Social Insurance also issued a warning about a similar issue when a fake Facebook Fanpage of Vietnam Social Insurance appeared to defraud and appropriate people's property. In some localities such as Ho Chi Minh City, An Giang... there have been cases of fraud on social insurance applications to appropriate assets.

II. Identifying characteristics and fraud tactics

Although spoofing a website or creating a fake website is no longer a difficult task, these websites often have a number of characteristics that help you determine their credibility:

  • Website path (URL): official websites of organizations, banks or popular online services often have clearly defined domain endings, while phishing websites often have
  • The URL has an unusual format such as vn-cbs.xyz. vn-ms.top is mostly a scam website.
  • The URL contains strange characters, misspellings, or a similar but different domain name to the target website
  • URLs that use character fraud (IDN homograph attacks), where the same characters but from different character sets are used to create identical paths
  • SSL Certificate: An SSL certificate ensures that information transmitted over a network is encrypted and secure. To check, consider the browser address bar
  • If there is a padlock or “https” symbol at the beginning of the URL, the site has an SSL certificate
  • Otherwise, be careful about providing personal information on that website
  • Website design:
  • Phishing websites often have unprofessional designs or are copied from the official website
  • If you come across a website with an unfamiliar structure, inconsistent interface, strange logo, images or layout, be careful.
  • Content quality: Scam sites are common
  • Inaccurate content, spelling errors
  • The language is unorthodox, the story is not logical
  • Requirements for users:
  • Phishing websites often ask users to provide sensitive personal information such as bank accounts, credit card numbers, passwords, and other personal information.
  • Mainstream websites typically do not require users to provide sensitive information such as bank accounts, credit card numbers, passwords, and other personal information that should only be provided on trustworthy and secure websites.
  • If a website asks you for this information for no apparent reason, be careful and do not reveal your personal information.
  • Browser warnings:
  • Modern web browsers often have a mechanism to warn users when they detect a potentially fraudulent or unsafe website.
Illustration photo: VTV

III. How to avoid being scammed

To limit being scammed from fake websites, you should pay attention to the following issues:

  • Check the URL address
  • Always check a website's URL before providing personal information
  • Make sure the URL address is correct and corresponds to the website you want to visit
  • Use a secure browser
  • Use a web browser with high security features and update to the latest version
  • Browsers such as Google Chrome, Mozilla Firefox and Safari often have built-in security mechanisms that help prevent access to malicious websites
  • Check the connection is secure
  • When accessing websites that ask for sensitive information, ensure that the connection is secure by checking that the website has a valid SSL certificate
  • The padlock symbol and “https” at the beginning of the URL are a sign of a secure connection
  • Be careful with emails and links
  • Avoid clicking on links in unknown or unwanted emails
  • Check the source of the email and make sure it is trustworthy before continuing
  • If there is a link, check that the URL matches the target website
  • Limit providing personal information
  • Only provide sensitive personal information on trusted and secure websites
  • Avoid providing personal information such as passwords, credit card numbers, OTP codes or bank accounts on unknown or untrusted websites
  • Use security software
  • Install and maintain antivirus, anti-malware, firewalls, and other security tools on your devices
  • Update them regularly to protect against the latest threats
  • Enhance awareness
  • Equip yourself with knowledge about phishing attack methods and recognize the signs of fraudulent websites with the tools at This.
  • Stay alert and alert
  • Always stay alert when accessing websites and making online transactions
  • Trust your gut and never provide personal information if you have any doubts about the authenticity of a website.
  • Check out reviews and feedback
  • Before making a transaction or providing personal information, check the site's reviews and feedback from other users.
  • If there are a lot of negative reviews or scam warnings, avoid visiting that site
  • Use additional authentication methods
  • If available, use additional authentication methods such as two-factor authentication or OTP (One-Time Password) codes to protect your account
  • This increases security and makes phishing more difficult for attackers
  • Don't easily believe unexpected announcements
  • Be careful with unexpected notifications asking to update personal information or change passwords. Phishing attackers often use this trick to scam users
  • Always visit the service's official website and make changes through there, rather than accessing via a link in an email or an unknown notification.
  • Report phishing sites
  • If you discover a phishing website, report it to your online service provider or authorities so they can deal with the situation and prevent others from becoming the next victim.

And one important thing is to always call to verify the relevant company, organization, or bank, by finding contact information for their customer care department to ask them if the website or application is valid. Is it theirs or not!

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *