Recommendations for monitoring and threat detection


Recently, many bad actors have exploited people's trust and carelessness on social networks to obtain account usernames and login passwords, access securities trading accounts, and conduct transactions with others. Their purpose is to create unusual transactions, manipulate stock prices, transfer or withdraw money, and appropriate investors' assets.

Common forms of fraud include phone calls or text messages that create situations in which the recipient is tricked into providing or entering a username or account password, or into clicking links containing malicious code that steals passwords and takes over accounts. Scammers have also used other methods, such as creating fake public service applications that impersonate the Government, the General Department of Taxation, the General Department of Land Management, and the Electricity Corporation...

The scammer contacts victims by phone, Zalo, Facebook or other social networks... under pretexts such as supporting tax settlement, tax refunds, electronic identification, updating land information, or paying electricity bills... The victim is then tricked into clicking a link to download the fake application, installing it, and granting it all requested permissions so that the malware can operate.

After taking control of the victim's device, the malicious code can perform dangerous actions such as: retrieving SMS messages, capturing usernames and passwords of applications, viewing the list of software installed on the device, removing software, installing software, installing a keylogger to capture PIN codes, reading OTP codes, sending collected data to the attacker's server, and hiding its activities... In particular, OTP authentication messages, order placement, and money transfers are all hidden by the malware. The device screen may even remain dark and show no sign of activity while the malware operates in the background without the victim's knowledge.

To prevent the risk of account information being hacked and stolen, and avoid property damage, BVSC recommends that customers increase vigilance as follows:

  1. Do not click on links or download files from strangers' messages or emails when using Email, SMS, or third-party applications (such as Skype, Zalo, Messenger...).
  2. Be wary of unfamiliar callers impersonating government officials who ask you to install software. Do not install it under any circumstances, and contact the competent authorities immediately.
  3. Only download and install applications from reputable sources (Google Play for Android devices, App Store for iOS devices). Do not download applications from other sources.
  4. Do not grant inappropriate permissions when installing applications, especially Accessibility permissions.
  5. Do not perform actions that break the device's security barrier ("jailbreak" for iOS phones or "root" for Android phones).
  6. Install software that detects and prevents malicious applications, and update it regularly.

For securities trading accounts, BVSC recommends that clients take a number of security and safety measures as follows:

  1. Never disclose or share your login password and/or securities trading order password with any individual or organization. Even disclosing it to the person closest to you carries a risk that the password leaks further, and the act of sharing is itself a risk, because the password is exchanged and stored on other media and devices without being changed immediately afterwards.
  2. Change your login password regularly, and do not use the same password for your securities trading account as for software and services from other providers.
  3. Review the email address information and phone number registered to receive the authentication password, and the phone number registered to contact BVSC to ensure it is accurate and updated according to the information currently in use.
  4. Register for appropriate notification channels such as email and SMS to promptly detect unusual transactions.
  5. Regularly monitor your stock trading account, and install the BVSC Mobile app to receive information and warnings from BVSC anytime, anywhere.

In order to further enhance the security and safety of customers' assets, BVSC announces the roadmap to apply security measures on customers' securities trading accounts as follows:

  1. Require customers to change their password at the next login for accounts that have not logged in within three (03) months.
  2. Apply additional multi-factor authentication each time customers log in to their stock trading accounts, expected from early 2024.

If you need any assistance, contact us via hotline 1900 1018 or email info@bvsc.com.vn.