The Financial Supervisory Service said on the 18th it will raise the consumer alert level by one notch from "caution" to "warning," as recent cases of voice phishing and smishing disguised as the Coupang personal data leak have been confirmed and related tips have increased.
The Financial Supervisory Service (FSS) issued a "caution" consumer alert on the 1st regarding the Coupang personal data leak to prevent secondary damage such as voice phishing. After actual damage cases were confirmed and similar tips followed in succession, the FSS decided that financial consumers need to be particularly careful and raised the alert level.
Recently confirmed methods mainly exploit financial consumers' anxiety over personal data leaks and their expectations for compensation by mentioning identity theft crimes and compensation procedures. It was found that scammers often pose as government agencies such as the prosecution, police, and the Fair Trade Commission, or impersonate employees of electronic payment agencies.
In voice phishing cases, scammers mention the Coupang personal data leak and deceive victims by saying they were involved in opening a shell account or in money laundering crimes, then lure them to access a phishing site under the pretext of verifying the damage. A typical tactic is to demand access to a specific site with lies such as that a registered mail item was returned or that case-related official documents must be viewed online.
When accessing a phishing site, scammers induce the installation of a malicious app or a remote control app (application) along with entering personal information, under the pretext of identity verification. If such an app is installed, scammers can manipulate the victim's mobile phone calls, steal personal information, and even check real-time locations, and they may demand money transfers under the pretense of asset protection funds or deposits.
Numerous smishing texts disguised as the Coupang personal data leak are also being identified. Scammers list leaked personal information in detail, such as names, contact numbers, and bank account numbers, present compensation for damages, and then approach victims by inducing them to click a link (URL) in the text or access messengers such as Telegram.
The Financial Supervisory Service (FSS) stressed that if courts, the prosecution, the police, the post office, and others demand access to a specific site or the installation of an app on the grounds of case verification or returned registered mail, it is an attempt at voice phishing. It said that if personal information is entered by accessing a L.I.N.C in a text message or installing an app, a mobile phone may be controlled by scammers, so particular caution is needed.