![[New Wave] How to Prevent Increasingly Sophisticated Phishing Crimes Following Trends](https://cphoto.asiae.co.kr/listimglink/1/2021111608151622145_1637018116.jpg)
As technology advances and trends change rapidly, new services and markets are emerging every day, attracting the attention of many companies and users. The more users flock to and transactions become active in a particular field, the more it becomes a lucrative target for criminals, including hackers. With phishing crimes exploiting newly popular keywords aligned with market trends increasing rapidly, special caution is required.
One of the most notable keywords in the market recently is “NFT (Non-Fungible Token).” The IT industry, as well as finance, gaming, media, and distribution sectors, are incorporating NFTs, and new services utilizing them are being launched one after another. Fueled by this craze, the global NFT issuance market recorded a transaction volume of $17.7 billion last year. This represents an increase of more than 215 times compared to $80 million in 2020, demonstrating explosive growth.
Recently, the Italian luxury car manufacturer Ferrari became a target of attacks related to NFTs. Hackers hacked a subdomain of Ferrari’s official website, posted fake NFT items for sale, recruited buyers, and stole money. Since Ferrari had officially announced an NFT collection, it was likely easy to deceive customers. Additionally, new attack methods have emerged, such as sending fake contract links to NFT buyers to induce signatures and steal NFTs.
Phishing crime damages are also rampant in the rapidly growing secondhand trading and resale markets, especially among the MZ generation. Common phishing tactics on secondhand trading or resale platforms involve encouraging safe payments during transactions and sending URLs that lead to phishing sites to steal money. The phishing sites created by criminals closely resemble well-known safe payment platforms, making them difficult to distinguish without careful inspection. Therefore, it is essential to thoroughly check URLs and verify whether the account holder of the deposit account displayed after entering names, phone numbers, and addresses matches the safe payment platform’s account.
Voice phishing using personal information traded on the dark web has also become more sophisticated, leading to ongoing related damages. Recently, a voice phishing method exploiting a loophole where only the last digits of the caller’s number are compared to display stored names on smartphones has emerged, threatening users. Attackers collect personal information including names, relationships, and phone numbers through hacking or the dark web, then generate overseas phone numbers whose last digits match those of family or acquaintances to deceive victims. Fortunately, a legislative amendment mandating the display of the caller’s country on smartphones has recently been proposed to counter such advanced voice phishing crimes. On an individual level, it is advisable to install phishing prevention solutions linked to financial institutions’ FDS (Fraud Detection Systems) on smartphones to more thoroughly prevent voice phishing scams.
To prevent increasingly sophisticated and evolving phishing crimes in line with trends and reduce related damages, it is necessary for the public and private sectors to conduct regular monitoring and actively share information. Individual users should also pay attention to the latest phishing crime methods in daily life and exercise greater caution.
Choi Jungsoo, Head of Core Research Team, Raon Whitehat
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
