Most common scams of 2025
Survey findings show that the number of victims of online scams in 2025 fell markedly compared with 2024 — a highly positive development, according to the NCA.
However, Mr. Vu Ngoc Son, Head of Technology at the NCA, stressed that online fraud remains highly sophisticated, and users must stay vigilant. The Ministry of Public Security’s latest figures show that in the first 11 months of 2025, losses from online fraud still totaled over VND6 trillion.
The survey found that impersonating police officers emerged as the most common scam in 2025. Prize-notification and gift-receipt scams, designed to steal money, ranked second. High-return investment invitations dropped to third place. Other persistent schemes — including fake delivery agents and romance or friendship scams — continued to occupy fourth and fifth positions despite being far from new tactics.
One worrying pattern has not improved: victims rarely report scams to authorities. Experts warned that this reluctance creates a major obstacle to fraud prevention, as failing to report cases deprives authorities of crucial data needed for investigation, enforcement, and early public alerts.
Cybersecurity outlook for 2026
According to the NCA, individual users are expected to face a new wave of challenges in 2026 — most notably, a sharp escalation in the sophistication of online fraud.
Cybercriminal groups are set to leverage deepfake technologies to generate hyper-realistic images, videos, and audio, making it nearly impossible for users to distinguish real from fake without strong digital literacy and up-to-date information. Meanwhile, malware targeting individual devices will remain a prevalent threat.
2026 is expected to mark major improvements in personal data protection as key laws, including the Personal Data Protection Law and the Cybersecurity Law 2025, take effect. Organizations and businesses will be obligated to strengthen compliance and invest more heavily in cybersecurity commensurate with their levels of data collection, storage, and processing.
However, experts cautioned that previously leaked personal data will continue to be exploited, enabling criminal networks to mount fresh attacks. As a result, boosting public awareness and digital skills, alongside strengthening the legal framework and data-protection capabilities, will remain critical to reducing cybersecurity risks in the years ahead.
In 2025 alone, the NCA’s nTrust anti-fraud system detected 62,952 new mobile malware variants in Vietnam, including 931 impersonating popular applications to steal user information or seize device control — posing serious threats to data and financial security.
Meanwhile, illegal harvesting and misuse of personal data remained widespread, with 88.05 percent of users reporting unsolicited service offers despite never having registered or expressed interest. These figures underscore the seriousness of cybersecurity risks still facing individual users.
