Massive leak opens the floodgates for phishingNew kinds of voice phishing and fraudulent text messages are preying on millions of vulnerable consumers trying to cope with a massive security breach that compromised their personal information,
The National Police Agency yesterday said text messages are urging people to click on links disguised as financial institutions are becoming a huge concern.
“Since the personal information leak at credit card companies, phishing cases have increased rapidly,” said a spokesman for the Ministry of Science, ICT and Future Planning.
It has not been proven whether these growing numbers of fraudulent calls and text messages are directly connected to the leak. However, many people claim to have been victimized the past two days.
“So that’s why I’ve been getting so many fraud-related messages,” posted a 32-year-old on his Facebook page on Monday.
Meanwhile, KB Kookmin Card says it will not compensate for damages caused by fraudulent text messages, spam and voice phishing.
Phishers usually pose as representatives of financial institutions and send emails asking recipients to click a link to upgrade their privacy setting and check whether their personal financial information was leaked.
As soon as a user clicks the link, the device is infected with malware, which makes a small payment and steals financial information such as bank account numbers and passwords.
Regarding the widespread new phishing trend, KB Kookmin Card, NH Nonghyup Card and Lotte Card called for customers to pay close attention, saying they don’t send text messages including links. They added that customers can check information concerning the leaks at their official websites.
Accordingly, the Korea Internet Security Agency (Kisa) under the Ministry of Science, ICT and Future Planning is collecting data about phishing damages and plans to announce it soon.
The agency has been blocking phishing URLs.
According to Kisa, since Jan. 11, 5,814 phishing sites have been detected as impersonating financial institutions. That compares with 4,050 identified for all of 2012 and 74 in 2011.
Among the phishing sites, those that disguise themselve as related to financial institutions or banks account for the biggest share.
Of 7,055 phishing sites detected since Jan. 11, 2012, 77 percent impersonate financial institutions, up from 16.3 percent for the same period the previous year. Those that disguise themselves as game and portal companies accounted for only 1.4 percent, according to Kisa.
The National Police Agency also operates an Information Leak Referral Service on its website and said it does not send any messages that contain links.
Meanwhile, total contact service company KTCS introduced a mobile application named Who Who yesterday, which is designed to identify dangerous of URLs included in SMS messages.
By starting the Who Who and touch the URL in the text message, a user can find out whether there is a hacking file in the link.
BY KIM JUNG-YOON [firstname.lastname@example.org]