[In-Banking, Bubble vs Innovation]③ Exploited for Financial Crimes... Voice Phishing Doubles in Increase

[Asia Economy Reporters Bu Aeri and Lee Minwoo] #When trading secondhand goods online, it is not difficult to find posts advising to be suspicious of KakaoBank account users. Coincidentally, the number of fraud cases involving KakaoBank is higher compared to other banks, and due to the nature of internet-only banks, it is difficult to estimate the bank’s branch location when reporting to the police, making tracking challenging.

#Recently, KakaoBank came under fire for somewhat inadequate responses to a new type of voice phishing scam called 'Kabang Account Threat.' This scam involves sending money to a leaked account number, then reporting it as a voice phishing account to freeze it, and extorting money from victims by saying they will cancel the report if paid. KakaoBank repeatedly responded with statements like 'there is nothing we can do,' which frustrated victims.

As financial fraud such as voice phishing evolves and intensifies, internet-only banks are criticized for being less diligent in management compared to commercial banks. In fact, while related damages and cases steadily decrease in commercial banks, the three internet-only banks (KakaoBank, K Bank, Toss Bank) have seen a continuous increase. For this reason, what was once praised as 'innovation' for easier account opening and loans compared to commercial banks is now criticized for being exploited for financial crimes after several years.

According to data submitted by the Financial Supervisory Service to Park Jae-ho, a member of the National Assembly’s Political Affairs Committee from the Democratic Party, the voice phishing damage amount for the three internet-only banks reached approximately 12.88 billion KRW by the end of last year, about double the 6.5 billion KRW in 2019. This year, as of the first half, it has already reached 7.7 billion KRW, expected to surpass last year’s damage. The number of cases has also increased more than threefold. The number of voice phishing cases for the three internet-only banks was 871 in 2019, 1,277 in 2020, and 2,756 in 2021, increasing every year. This year, as of the first half, it already reached 2,353 cases.

The number of voice phishing scam accounts for the three internet-only banks also showed an increasing trend, reaching 7,083 by the end of last year. This is a 126% increase compared to 3,128 in 2020 and a 186% increase compared to 2,475 in 2019. This year, as of the first half, it already reached 5,961 accounts, surpassing the total number of scam accounts for all of 2020. By bank, as of the first half of this year, KakaoBank had the most with 3,270 accounts, followed by K Bank with 1,836 and Toss Bank with 855.

Unlike the three internet-only banks, which have seen increasing damage every year, commercial banks have experienced decreases in both voice phishing damage amounts and cases. The four major banks (KB Kookmin, Shinhan, Woori, Hana) saw damage amounts drop 83% from 353.4 billion KRW in 2019 to 60.5 billion KRW in 2021, and cases decreased 71% from 38,798 to 11,299.

As of the first half of this year, the voice phishing damage amounts were Woori Bank (6.6 billion KRW), KB Kookmin Bank (5.6 billion KRW), Shinhan Bank (5.5 billion KRW), and Hana Bank (3 billion KRW). For the three internet-only banks, the order was KakaoBank (4.2 billion KRW), Toss Bank (1.8 billion KRW), and K Bank (1.7 billion KRW). KakaoBank’s damage amount and number of cases were similar to those of much larger commercial banks. The number of cases for KakaoBank was 1,483, exceeding KB Kookmin (1,443), Shinhan (1,383), and Hana (1,233).

Experts point out that the three internet-only banks are inherently more vulnerable to security issues compared to commercial banks, which mainly conduct offline transactions. Professor Seo Ji-yong of Sangmyung University’s Business Administration Department said, “Commercial banks mostly use public certification for transactions, so although inconvenient, their systems are harder to breach. Users have moved to more convenient internet-only banks, but this has led to side effects such as increased voice phishing damage.”

However, the three internet-only banks have stated their intention to enhance their Fraud Detection System (FDS) models and systems. A KakaoBank official explained, “Recently, as it has become harder for fraud groups to steal victims’ funds through mule accounts, incidents of stealing money through secondhand transactions have increased. Since users of secondhand trading platforms are mostly in their 20s and 30s, the proportion of KakaoBank accounts registered by this age group has also increased.”

K Bank also stated that it operates its FDS 24 hours a day to actively prevent voice phishing damage. K Bank is currently upgrading its system this year and plans to continuously strengthen its performance. Toss Bank operates a similar system. A Toss Bank official said, “We provide a fraud suspicion siren service equipped with the police agency and The Cheat service.”

© The Asia Business Daily(www.asiae.co.kr). All rights reserved.