A person surnamed A, who lives in Seoul, recently got a call from an elderly father asking to return money that had been given as a gift. When asked why, the only answer was that a financial incident had occurred and action was needed. Sensing something was off, A reported it to police and rushed to the father's home.
Even until police arrived, the father was on the phone with a voice phishing scammer. He had already withdrawn about 10 million won from an ATM. A said, "We avoided the scam thanks to the police responding quickly, but just thinking back to that moment still makes my heart sink."
With personal data leaks occurring one after another at SK Telecom, Lotte Card, and Coupang, concern is growing over secondary damage from voice phishing (telephone financial scams) and smishing (scams that lure you through text links). Investigators advised hanging up immediately on calls that ask for personal information and not clicking URLs in texts.
According to the Integrated Response Team for Telecommunication Financial Fraud on the 2nd, phishing crimes exploiting leaked personal information are occurring. A typical method is impersonating corporations that suffered data leaks and inducing installation of applications under the pretext of strengthening security.
▲ Claiming a card you never applied for has been shipped to you and steering you to a fake customer center; ▲ telling you to visit a separate website if you cannot receive a court registered mail in person; ▲ saying you are linked to a crime and instructing you to open a new mobile phone line, are also common phishing tactics.
To prevent damage, the key is to cut off contact with phishing scammers. You can check numbers suspected of voice phishing on the Integrated Response Team website at https://www.counterscam112.go.kr/phishing/searchPhone.do.
A police official said, "If an unknown number calls and asks for personal information, hang up no matter what," adding, "Even saying 'I'm driving' or 'I'm in a meeting so it's hard to talk' gives additional information that you have a car and work for a company."
An official at the Financial Supervisory Service also said, "If you are told to go to a cash dispenser or to access a site and install an application, it is 100% a phishing crime," adding, "They fabricate urgent situations to hinder normal judgment, so it is important to end the call quickly."
If you were fooled by a scammer and sent money, you must first place a hold on the payment. It is important to block withdrawals because you can be made whole only if the funds remain in the fraudulent account.
If you call police at 112, you can handle everything at once from filing the case to placing a hold. You can also contact the Financial Supervisory Service (1332) or the call center of the remitting or receiving financial company.
If you accessed a malicious link provided by the scammer or installed a malicious application, start by deleting it. For Android devices, delete it from "Downloads" or "APK installation files" and then empty the trash. For Apple iOS devices, you can check and delete it from "Files" downloads.
To prevent secondary damage, go to the Korea Information and Communication Promotion Association identity theft prevention service at https://www.msafer.or.kr/index.do, click "subscription restriction service," and block opening any new mobile phone line in your name. If you register on the Financial Supervisory Service's personal information exposure incident prevention system at https://pd.fss.or.kr/ or visit a bank branch, you can strengthen identity verification procedures for financial transactions.
Since the 24th of last month, the "emergency blocking system" has been formally in effect. When the Integrated Response Team analyzes reported phone numbers and requests a block on numbers suspected of being used for crimes, telecom operators block them for seven days. If you receive a fake notification text and cannot get through when you call, emergency blocking may have been carried out.
Reporting is also important to prevent other victims. If you use a Samsung Electronics Galaxy phone, you can easily report by text. For texts suspected of phishing, click "Report message" next to block sender and then select "Report as phishing." You can also report via "integrated reporting" on the Integrated Response Team website.
A police official urged, "If you receive a text or call suspected of phishing, do not click or respond. Report it along with a tip to the Integrated Response Team for Telecommunication Financial Fraud (1566-1188) or 112."