[Voice Phishing Exposed]<Part 1> Evolving Crime Tactics... Know Them to Avoid Them

Loan Fraud and Impersonation of Institutions
Last Year's Damage Amounted to 235.3 Billion Won
Malicious App Installation... Calls Connect to Phishing Organizations
"Complex Various Types, Prevention Rules Must Be Known"

[Asia Economy Reporters Lee Gwan-ju and Yoo Byung-don] Although awareness of voice phishing has increased, the crime methods have also evolved, and the damage continues. In line with the development of the internet, telecommunications, and electronic devices, voice phishing criminals are intensifying their crimes by combining advanced methods such as phishing sites and malicious applications with traditional face-to-face extortion, moving beyond simple phone calls.

According to the National Police Agency, Financial Supervisory Service, and others, recent voice phishing crimes can be broadly classified into two types. One is the ‘loan impersonation type.’ This method mainly involves impersonating financial companies and claiming that loans are possible regardless of credit rating or offering to convert existing loans into low-interest loans. They sometimes send loan messages impersonating trustworthy financial institutions from the start to directly induce victims to call.

However, it is common for them to demand loan processing fees or advance interest during the loan process. Actual voice phishing cases show tactics such as deceiving victims by saying, “It is difficult to get a loan with your current credit rating, but if you deposit a guarantee insurance fee of 650,000 KRW, you can get a loan up to 20 million KRW,” then taking the account information and disappearing. The total damage from such loan impersonation voice phishing scams reached 156.6 billion KRW last year.

In the case of the ‘institution impersonation type,’ which pretends to be the police, prosecutors, or the Financial Supervisory Service, new methods have emerged as public vigilance has increased. Instead of impersonating institutions from the start, they first make victims suspect voice phishing, then approach them pretending to be police or prosecutor investigators. They induce victims to transfer money to fraudulent accounts by saying that a deposit must be made to prevent damage, or even meet victims in person to collect money. The damage from such impersonation-type voice phishing also reached 78.7 billion KRW last year.

Recently, ‘mobile phone hijacking apps’ have also been used during a series of fraud processes. Under the pretext of filling out documents necessary for loans, victims are sent an internet address (URL), and when clicked, a malicious app is automatically installed. Once this app is installed and the phone is infected, any call made from the phone is connected to the voice phishing organization. There is also a surge in voice phishing crimes that impersonate family or acquaintances to induce small transfers of less than 1 million KRW.

A police official stated, “Looking at the recent trends in voice phishing crimes, it is difficult to specify a particular method as various types are complexly combined,” and emphasized, “It is important to familiarize yourself with the main crime methods, avoid clicking on unknown URLs, and always verify directly with the person if money is requested to prevent damage.”