Domestic bank websites contain security glitches

VietNamNet Bridge – Thirty per cent of Vietnamese bank websites have security loopholes, according to the country's top internet security firm, BKAV.

Domestic bank websites, security loopholes, hackers, IT projects

Thirty per cent of Vietnamese bank websites have security loopholes. — Photo Bkav

Of those, two thirds are at high or medium risk of having their security breached.

The most dangerous loophole that bank websites are facing is SQL Injection, which allows hackers to directly attack websites' data.

Others, including Cross Site Scripting (XSS) and Open Redirection, could take control over a site or redirect visitors to a spam site.

A large number of websites with loopholes were newly established or being restructured. These types of sites didn't have the money to invest in website security, said Ngo Tuan Anh, deputy director of the firm's Internet security division.

It was necessary to set aside from 5 per cent to 10 per cent of budgets for internet security for IT projects, said Anh, adding that repair work was even more costly and time-consuming.

BKAV sent warnings and instructions to at-risk banks, Anh said.

There were more than 23,500 new computer viruses in Viet Nam in the first half of this year. These viruses have infected nearly 31 million computers. Meanwhile, 2,790 agency and enterprise websites were hacked.

Of those, 34 were websites with government domains and 122 were for educational organisations.

Spam messages

The number of spam messages sent each day was reported at 13.9 million – higher than last year's average of 13.5 million, according to BKAV.

According to the Ministry of Information and Telecommunications, one million spammers were blocked in the first half of the year. Spam messages about real estate increased in the first half.

Fake Facebook pages

About 40 fake Facebook pages on average appeared each day in the first half of this year, according to BKAV.

The pages aim to steal passwords to swindle money and spread spam messages.

BKAV experts recommended that customers verify information when receiving promotion messages and should not recharge prepaid mobiles on unreliable websites.


Domestic bank websites, security loopholes, hackers, IT projects