Smishing X-ray service concept diagram./Courtesy of KISA

Text message fraud, known as smishing, is rampant. While simple advertising spam has decreased, smishing disguised with ordinary phrases like 'parcel delivery inquiry' or 'fines notification' has surged 60-fold in the last two years. A single click installs a malicious app, which leads to the theft of financial information and the quiet redistribution of links that impersonate acquaintances, and the schemes are becoming increasingly sophisticated.

The Korea Internet & Security Agency (KISA) revealed the status of smishing detection and countermeasures during a media briefing called 'Issue and Talk' held in Gwanghwamun, Seoul, on the 29th. According to KISA's smishing response team, the number of smishing messages detected in the first half of this year reached 1,005,434. Detections rose from 37,122 cases in 2022 to 503,300 in 2023 and 2,196,469 in 2024, and this year's count has already surpassed 1 million. This marks an increase of over 60 times in just two years. During the same period, the number of blocked cases increased from 762 in 2022 to 19,227 in 2024; however, the number of blocked cases remains low relative to detections, indicating that the risk of harm is not decreasing, according to KISA.

Smishing is spreading through lures closely tied to daily life. Messages that impersonate local governments and state that 'fines have been imposed for illegal food waste disposal' can easily deceive recipients into thinking they are facing actual administrative measures. Clicking the link installs malicious apps that leak information stored on mobile phones. Kim Woo-seok, head of KISA's smishing response team, noted, 'Impersonating local governments is particularly dangerous as it is an area where citizens tend to let their guard down,' adding that 'once infection occurs, there is a high possibility it will lead to voice phishing crimes.'

As overseas direct purchases have increased, the '[International sender] payment confirmation' text message has also become a prominent smishing method recently. Clicking it leads to a fake screen resembling a legitimate shopping mall payment page, and if users enter their card number and CVC code, their personal information is immediately stolen. Kim said, 'Thousands of fake shopping mall sites have been created and distributed,' emphasizing that 'the impact is significant as it leads victims to input their financial information themselves.'

Traffic fine notices impersonate the Korean National Police Agency and urge payment of fines for signal violations, while messages impersonating the National Pension Service (NPS) cite specific dates and demand that recipients inquire about their pension amount. These messages target the elderly and are crafted to resemble actual public institution forms, so they call for special caution.

Kim Eun-seong, the Head of the Smishing Response Team at KISA, reveals the status of smishing detection and blocking, as well as countermeasures, at the 'Issue and Talk' media briefing held in Gwanghwamun, Seoul on the 29th./Courtesy of KISA

Parcel delivery confirmation messages, which had decreased for a while, are rising again. In just the first half of this year, 556,367 cases were detected, accounting for more than half of all smishing cases. Wedding invitation and obituary messages have been spreading quietly through acquaintances' address books, so reporting numbers are low but the risk is high. Team head Kim remarked, 'Messages that anyone can encounter in everyday life are being cunningly exploited,' and added, 'You can become a victim the moment you let your guard down.'

KISA introduced the 'X-ray service,' which determines whether a message is malicious at the sending stage and halts its transmission. Where the response previously relied on post hoc blocking, X-ray analyzes URLs in real time during the sending phase and prevents transmission if a URL is deemed malicious. The pilot operation, which began in April, included SMKT, a text message sending platform company. It is a case of a system designed by a public institution being verified on-site by a private enterprise. Kim Moon-sik, the head of SMKT, stated, 'With the introduction of the X-ray, we achieved a detection rate of over 99% and operated stably without any transmission delays,' and added that 'just as factory wastewater cannot be discharged without purification, malicious messages should not be circulated without filtering.'
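
The send-stage screening described above can be sketched as a gate that a sending platform runs before a message is handed to the carrier. This is an added illustration, not KISA's or SMKT's code or API: the function names, the `.example` hosts and the in-memory verdict set are assumptions standing in for a real-time URL analysis service.

```python
import re
from urllib.parse import urlsplit

# Constructed verdict data standing in for a real-time URL analysis service.
MALICIOUS_HOSTS = {"parcel-check.example", "fine-pay.example"}

# Matches URLs with or without a scheme, since lures often omit "http://".
URL_RE = re.compile(
    r"(?:https?://)?(?:[a-z0-9-]+\.)+[a-z]{2,}(?:/[^\s]*)?", re.IGNORECASE
)

def extract_hosts(text):
    """Return the lower-cased hostname of every URL-like token in the message."""
    hosts = []
    for match in URL_RE.finditer(text):
        token = match.group(0)
        if "://" not in token:
            token = "http://" + token  # give urlsplit a scheme to parse against
        host = urlsplit(token).hostname
        if host:
            hosts.append(host.rstrip(".").lower())
    return hosts

def lookup_verdict(host):
    """Hypothetical verdict lookup: flag the host or any of its parent domains."""
    parts = host.split(".")
    return any(".".join(parts[i:]) in MALICIOUS_HOSTS
               for i in range(len(parts) - 1))

def gate_message(text, lookup=lookup_verdict):
    """Decide before transmission: ('send' | 'block' | 'hold', flagged hosts)."""
    try:
        flagged = [h for h in extract_hosts(text) if lookup(h)]
    except Exception:
        # Verdict service failed: hold the message instead of sending unscreened.
        return ("hold", [])
    return ("block", flagged) if flagged else ("send", [])

if __name__ == "__main__":
    # Constructed sample messages.
    print(gate_message("Your parcel is waiting: http://track.parcel-check.example/abc"))
    print(gate_message("Your order shipped, see https://shop.example.org/o/1"))
```

The 'hold' outcome is the design choice that separates a send-stage gate from post hoc blocking: when no verdict is available, the message is queued rather than released.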

The X-ray service is set to become mandatory for message resellers following the revision of the sender qualification certification system, which the Korea Communications Commission will enforce starting on the 19th of next month. Team head Kim Woo-seok stated, 'Even small businesses can apply it for free as an API (Application Programming Interface) will be provided, meaning the threshold for introduction is not high,' and noted that 'it will expand across major enterprises within the year.'
