Guidance on Preventing Smishing and Phishing Damages
Through Security Notice
As the scale of the Coupang personal information leak has rapidly expanded, the government is forming a joint public-private investigation team to analyze the causes and develop measures to prevent recurrence. The Ministry of Science and ICT and the Personal Information Protection Commission announced this response plan on November 29.
When Coupang first reported the incident on November 19, it was believed that the names and email addresses of customers from 4,536 accounts had been leaked. However, during the investigation, it was determined that information had been leaked from more than 30 million accounts. This action was taken in consideration of the seriousness of the matter.
The Ministry of Science and ICT stated, "There are concerns about large-scale damages to the public due to the massive leak," and announced that, starting November 30, it would operate a joint public-private investigation team to analyze the cause of the incident and establish measures to prevent recurrence. The Personal Information Protection Commission also explained that it had received two reports of leaks on November 20 and November 29 and had been conducting an investigation since November 21. It added, "Since a large number of contact details and addresses are involved, any violation of the legal obligation to implement safety measures will be strictly sanctioned."
The government also raised concerns about possible secondary damages, such as smishing and voice phishing using the leaked information, and issued a nationwide security notice through the Boho Nara website. The notice warned of the possibility of smishing campaigns using keywords such as 'compensation,' 'damage inquiry,' and 'refund,' and provided guidance on the risks of being lured to click on malicious URLs, exposure to phishing sites via portal search ads, and being induced to install remote control apps through voice phishing.
Additionally, users were advised to: ▲ immediately delete suspicious messages or URLs ▲ verify the legitimacy of websites ▲ refrain from entering personal information or authentication codes ▲ apply for number spoofing text blocking services ▲ check and report mobile payment histories ▲ delete malicious apps and reissue digital certificates. Reports of smishing and phishing can be made through the Boho Nara KakaoTalk channel, the spam message reporting function, and the Integrated Voice Phishing Reporting and Response Center.
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
