Types of online scams
In 2024 alone, the world recorded nearly half a million cyberattacks targeting organisations holding large volumes of data. Notably, ransomware attacks increased by 250% during the year. In Viet Nam, around 552,000 cyberattacks were recorded in 2025, highlighting the rapid rise of threats in cyberspace.
According to Dr. Le Minh Nghia, Chairman of the Viet Nam Financial Consulting Association, the world is standing at a major turning point of the Fourth Industrial Revolution, in which AI has become a core driver reshaping the global financial industry. In Viet Nam, digital transformation in the finance and banking sector is taking place at a rapid pace. AI is now involved in a wide range of processes such as credit analysis, electronic know-your-customer (eKYC), risk management, service personalisation and real-time transaction processing. However, accompanying this rapid development is an increasingly visible downside. As data becomes more valuable, risks are also increasing exponentially. Financial data has become the lifeblood of the economy, but this lifeblood is facing increasingly sophisticated threats from high-tech criminals.
Around 85% of current cyberattacks are supported by AI. According to Senior Lieutenant Colonel Nguyen Dinh Do Thi, Deputy Head of the Staff Division under the Department of Cyber Security and High-Tech Crime Prevention under the Ministry of Public Security, AI tools help criminals automate vulnerability scanning, create personalised fraud scenarios and even impersonate identities with a very high level of realism. One of the most alarming threats is deepfake technology. With only a few minutes of image and voice data, criminals can create highly realistic fake videos impersonating relatives, police officers, bank staff or business leaders to manipulate victims’ psychology. Fraud schemes are becoming increasingly sophisticated, including impersonation of authorities, Forex and cryptocurrency investment scams, romance scams, sextortion and attacks targeting digital asset ecosystems.
AI tools help criminals automate vulnerability scanning, create personalised fraud scenarios and even impersonate identities with a very high level of realism. One of the most alarming threats is deepfake technology. With only a few minutes of image and voice data, criminals can create highly realistic fake videos impersonating relatives, police officers, bank staff or business leaders to manipulate victims’ psychology. Fraud schemes are becoming increasingly sophisticated, including impersonation of authorities, Forex and cryptocurrency investment scams, romance scams, sextortion and attacks targeting digital asset ecosystems.
Senior Lieutenant Colonel Nguyen Dinh Do Thi
Deputy Head of the Staff Division, Department of Cyber Security and High-Tech Crime Prevention, Ministry of Public Security
Notably, personal data has now become a type of “underground commodity” in cyberspace. Over the past three years, authorities have uncovered more than 30 cases involving the trade and theft of personal data, with around 160 million leaked records. Not only phones and computers, but also IoT
devices such as security cameras, smart televisions and electronic locks have become targets of intrusion. As connected devices become more widespread, the “gateway” for attacks on personal data is also expanding.
From the perspective of financial security, the seriousness of high-tech crime is increasing rapidly. Global statistics reveal an alarming reality: nearly three million people become victims of cybercrime every minute.
With total global losses in 2025 estimated at up to 10 trillion USD, cybercrime has become one of the biggest threats to global financial stability. In Viet Nam, this wave is causing losses amounting to hundreds of trillions of VND.
Notably, 52% of Vietnamese businesses still lack sufficiently strong technological solutions to respond to cybersecurity incidents, while 56% do not have dedicated cybersecurity personnel. Many units continue to consider cybersecurity as merely a technical issue rather than a strategic factor linked to their survival.
The legal framework is a shield for safety
In response to this wave of attacks, legal action by the State is not intended to hinder development.
“Viet Nam’s legal regulations are not designed to obstruct data flows. Businesses are still allowed to transfer data overseas for business operations, but they must fulfil obligations relating to data protection and regulatory compliance. Requirements for data impact assessments under the Law on Personal Data Protection are necessary management tools for cross-border platforms that have no legal presence in Viet Nam but exploit large volumes of user data for profit,” Senior Lieutenant Colonel Nguyen Dinh Do Thi affirmed.
Technology is opening unprecedented development opportunities, but it is also providing criminal organisations with increasingly sophisticated digital weapons capable of automation, personalisation and large-scale attacks. In this context, Viet Nam needs a new approach: shifting from a reactive stance of “responding after incidents occur” to proactively “building security into systems from the design stage”.
To build a truly strong “shield”, experts believe Viet Nam must strengthen three pillars simultaneously: technology, institutions, and people. Businesses must proactively invest in advanced security solutions, standardise data, and improve incident response capacity. The state needs to continue improving the legal framework in a way that both controls risks and creates room for innovation. More importantly, every user needs to raise awareness of protecting personal data in the digital environment and recognising risks in cyberspace.
However, to build a truly strong “shield”, experts believe Viet Nam must strengthen three pillars simultaneously: technology, institutions, and people. Businesses must proactively invest in advanced security solutions, standardise data, and improve incident response capacity. The state needs to continue improving the legal framework in a way that both controls risks and creates room for innovation. More importantly, every user needs to raise awareness of protecting personal data in the digital environment and recognising risks in cyberspace.
