BCEL Warns Of User Password Theft

A leading Lao bank has warned its e-banking customers to be aware of identity and password theft which has occurred recently to several customers.

Banque Pour Le Commerce Exterieur Lao (BCEL) made the announcement to warn customers using i-Banking and e-Banking to be aware of someone stealing their private information such as user identity and password.

BCEL One is a popular application for both iOS and Android among bank customers, but be aware of someone trying to steal your user account and password.

The statement went on the front page of the bank’s official website to warn local customers with the bank also highlighting the issue through local media.

The bank noted that recently criminals have been attempting to steal user and password information of BCEL i-Banking and E-Banking customers by using so called phishing techniques trying to trick customers by sending them bogus emails using three methods to deceive them.

Firstly, the criminals would claim the bank has found an irregularity in the customer’s account and suggest the owner of the account protect their account by clicking on a link to a fake website which was created to steal their user account and password.

Secondly, the email would tell customers the bank had found a problem with the account’s security again suggesting users click on a link of a dummy website.

Third, it would tell customers that the bank is improving security for customers, so they would need to click on a fake website link in order to reconfirm user ID and password to ensure the customer was indeed the owner of the account.

A bank official explained that if customers trusted these phony links and clicked on them through the three ways outlined criminals would get the information to access customers’ accounts.

According to the bank’s IT Centre these people acting illegally are smart and send an email to customers with a link which looks quite like an official bank website link. Then the next email would be sent to other customers with anther similar website link.

The centre noted that some customers called them and asked about the emails because they were wondering why the bank was sending them some emails which had never happened before. Lucky for the customers they were very suspicious and decided not to click on the illegal link giving away there user ID and password.

The problem has been occurring for a month and the bank is still investigating how many customers have been victims of the emails.

However, bank officials assured customers that IT staff were proactively working to ensure security for all customers.

Source: Vientiane Times