In Laos, mobile phone penetration has reached approximately 87% of the population, and the use of mobile banking services such as BCEL One is expanding rapidly. At the same time, fraud involving phone calls and SMS is becoming an increasingly serious problem. In 2024, nine illegal call centers were raided in the Golden Triangle Special Economic Zone, resulting in the arrest of 267 individuals from 16 countries. This article outlines the mobile phone scam tactics that are increasingly being reported within Laos and explains five steps to prevent falling victim to them. By understanding these tactics and practicing proper cybersecurity measures, you can significantly reduce your risk of becoming a victim.

Disclaimer: This article is intended for informational purposes only and does not constitute legal or financial advice. If you have been the victim of fraud, please contact your nearest public security office or the Lao Computer Emergency Response Team (LaoCERT).

Fraud via mobile phones in Laos is expanding on two fronts: international cybercrime networks and small-scale scams targeting domestic individuals.

According to DataReportal's 2026 report, mobile connections in Laos stand at approximately 6.78 million, equivalent to 86.7% of the population. Of these, 96.7% use 3G/4G/5G networks, making internet access via smartphones a part of everyday life.

BCEL One has over 1.6 million users, and its QR code payment system supports cross-border transactions with Thailand, Vietnam, and China. While convenience continues to grow, so too does the "attack surface" for fraud targeting mobile banking.

In markets across Vientiane, where cash payments were the norm until just a few years ago, shops offering QR code payments are now commonplace. While many are experiencing the benefits of financial digitalization firsthand, the reality is that those whose digital literacy has not kept pace are becoming easy targets for fraud.

From 2024 to 2025, Lao authorities intensified their crackdown on cybercrime.

• July 2024: 280 Chinese nationals arrested on suspicion of online fraud
• August 2024: Fraud centers raided in the Golden Triangle Special Economic Zone, resulting in 60 arrests
• Throughout 2024: Nine illegal call centers shut down, with over 10,000 PCs and 11,000 mobile phones seized
• February 2025: The Ministry of Technology and Communications announced stricter regulations targeting call center fraud

The United Nations also identified fraud centers in Southeast Asia as a "human rights crisis" in May 2025, with Laos being one of the epicenters of this issue.

The first step in preventing fraud is to understand the patterns of tactics used. The following 5 categories are among the most frequently reported within Laos.

A method of stealing bank login credentials and credit card numbers by tricking users into tapping a link via fake SMS messages. Cases impersonating Unitel, Lao Telecom, and ETL, as well as patterns falsely claiming "your communication fees are overdue," have been confirmed.

How to identify them:

• The sender is an unfamiliar number or shortened URL
• Urgent language such as "Immediate action required" or "Your account will be suspended"
• The link's URL differs from the official domain

They call while impersonating bank employees or government officials. In November 2025, the Ministry of Technology and Communications officially issued a warning about "scams that trick victims into divulging SIM card registration information using forged government documents."

How to identify them:

• Government agencies and banks will never ask for PINs or passwords over the phone
• Caller ID can be spoofed. Call back using an official number you have looked up yourself

"Congratulations! You have won a prize" — an SMS or message arrives, asking you to transfer a handling fee or enter personal information.

It is impossible to win something you never entered. This single point is all you need to identify the scam.

"I was in an accident," "I've been arrested," and other such emergency scenarios are fabricated to pressure family members into sending money. In Laos, cases have been reported involving not only LINE and WhatsApp, but also WeChat.

How to identify this scam:

• Verify anyone claiming to be a family member using a pre-arranged "code word"
• Hang up once, then call back using the person's original number

"Please share the authentication code you received for security verification." If you provide the OTP, the attacker will log in to your BCEL One or LDB mobile banking account and carry out unauthorized transfers.

Golden rule: Never share your OTP with anyone, under any circumstances. Neither BCEL nor LDB will ever ask for your OTP verbally or via message.

Before moving on to the 5 steps, let's get the environment set up.

• Keep your OS and apps updated: Security patches will be applied
• Enable two-factor authentication (2FA) for mobile banking: Check BCEL One's biometric authentication and PIN settings
• Enable filtering for unknown senders: Turn on "Spam protection" in Google Messages on Android (Android devices hold a large market share in Laos)
• Register emergency contacts in advance: A code word with family members, your bank's emergency contact number, and the nearest public security office number

• Conduct regular security training: Share the latest fraud tactics on a quarterly basis
• Establish management policies for work devices: Clarify the rules for accessing work systems from personal devices
• Document the incident reporting flow: Ensure all staff know who to report to when they receive a suspicious SMS or phone call

Awareness → Detection → Verification → Defense → Reporting. By executing these 5 steps in order, both individuals and organizations can steadily raise their level of cybersecurity.

Regularly update your knowledge of the latest scam tactics. Simply knowing how these scams work increases the number of cases where you can immediately recognize, "This is a scam."

Concrete Actions:

• Check official announcements from the Ministry of Technology and Communications (ກະຊວງເຕັກໂນໂລຊີ ແລະ ການສື່ສານ)
• Follow scam-related news coverage on news sites such as Laotian Times
• Corporate IT personnel should share the latest scam cases internally once a month

If even one of the following "fraud signals" applies, treat it as a potential scam.

While our company was working on a project in Laos, a team member received an SMS claiming to be from "BCEL." On closer inspection, the URL was bce1-la.com (the letter L replaced with the number 1). On a smartphone with a small screen, this is easy to miss, and anyone without a habit of checking URLs carefully would likely not have noticed.

If you receive a suspicious contact, reach out to the official contact information you have looked up yourself, not the contact details provided by the other party.

• A call claiming to be from a bank → Call back the official number, such as BCEL: 021 213 200, LDB: 021 213 300, etc.
• A call claiming to be from a telecommunications company → Verify with customer service at Unitel: 109, Lao Telecom: 108
• A call claiming to be from a government agency → Call back the main number of the relevant ministry yourself

By layering technical defenses, you can minimize the damage in case you accidentally tap a link.

1. Enable biometric authentication on your mobile banking app: BCEL One supports fingerprint and face recognition
2. Only install apps from official stores (Google Play / App Store): Directly installing APK files carries a high risk of malware
3. Review permissions for unnecessary apps: Turn off access to SMS, contacts, and location for apps that don't need it
4. Use a different password for each service: Reusing the same password means that if one is leaked, all your accounts are at risk
5. Do not use mobile banking on public Wi-Fi: Communications can be intercepted on unencrypted networks

If you have been scammed or nearly scammed, reporting it can help reduce the number of other victims.

Many people hesitate to report, but there is no reason to feel embarrassed. As reports accumulate, they help identify and crack down on the same types of scam groups. The 2024 Golden Triangle crackdown was partly triggered by the accumulation of victim reports.

Even if you know the tactics of fraud, you may still make poor judgments when faced with a real situation. Here we outline common failure patterns and ways to avoid them.

Many fraud victims say, "I never thought it would happen to me." In Laos, cases have been reported across both younger and older age groups, and a high level of digital literacy does not necessarily correlate with resistance to fraud.

Countermeasure: When it comes to messages involving money or accounts, develop the habit of pausing for 3 seconds before taking any action.

When pressured with "you need to act right now," it becomes difficult to think clearly. Scammers know this psychology well.

Workaround: Say "I'll call you back" and hang up. A legitimate party will not refuse a callback. If the other person is reluctant to be called back, you can assume it's a scam.

In some areas of Laos, there is a practice of directly installing APK files from sources other than Google Play. However, apps obtained through unofficial channels carry a high risk of containing malware.

Workaround: Only install apps from Google Play or the App Store. Keep the "Unknown sources" (or "Install unknown apps") setting turned off.

Here are answers to frequently asked questions about smartphone scams.

You don't need to ignore all of them. However, if a call immediately opens with "This is your bank" or "This is a government agency" and requests personal information or money, you should suspect fraud. If you're unsure, it's safer not to answer, search the number online to verify whether it's legitimate, and then call back.

Do not tap the link; instead, save a screenshot of the SMS and then delete it. Report it using your carrier's spam reporting feature (Unitel: 109, Lao Telecom: 108) to help prevent further harm from the same number.

You need to act as quickly as possible.

1. Log in to the relevant mobile banking app and change your password immediately.
2. If you are unable to log in, call the bank's emergency contact number and request a temporary freeze on your account.
3. If you have been reusing the same password for other services, change all of them.
4. File a damage report with your nearest public security bureau.

Smartphone scams are definitely on the rise in Laos. However, they can be prevented by knowing the tactics and practicing proper cybersecurity measures. For now, please take just these 3 steps today.

1. Turn on biometric authentication for the BCEL One / LDB app (Time required: 2 minutes)
2. Turn off the "Unknown sources" setting on your smartphone (Time required: 1 minute)
3. Decide on a "code word" with your family (Time required: 5 minutes)

It will be too late once you become a victim. An 8-minute investment can raise the wall protecting your and your family's assets by one level.

References:

• DataReportal, "Digital 2026: Laos" https://datareportal.com/reports/digital-2026-laos
• Laotian Times, "Scammers Forge Official Lao Notices to Steal Personal, Banking Information" (November 2025) https://laotiantimes.com/2025/11/13/scammers-forge-official-lao-notices-to-steal-personal-banking-information/
• Laotian Times, "Laos Strengthens Control on Call Center Scams" (February 2025) https://laotiantimes.com/2025/02/18/laos-strengthens-control-on-call-center-scams-as-thailand-targets-fraud-rings/
• Radio Free Asia, "280 Chinese arrested in Laos for alleged online scamming" (July 2024) https://www.rfa.org/english/news/laos/chinese-arrested-alleged-online-scamming-07052024154614.html
• UN News, "Scam centres are a human rights crisis" (May 2025) https://news.un.org/en/story/2025/05/1163521
• LaoCERT https://laocert.gov.la/