Spammers get smart with apps
Published: 04 Sep. 2014, 21:50
Kim, who was surprised to see the message, clicked on the attached link and was connected to a mobile web page that resembled KakaoTalk’s official site.
At the bottom, there was a button that read “register and confirm your document.” Kim said he closed the page immediately because he thought it was strange that KakaoTalk had suddenly asked him for an unspecified document, but he was nearly fooled.
This is just one example of how mobile spam is spreading through KakaoTalk, which is protected by software company ESTsoft. Some people have also received messages saying that their KakaoTalk account had been accessed somewhere else.
This type of spam makes users think that someone else has logged into their account so they click the Internet address. If the user clicks the button to register and confirm documents, another fake mobile app that looks like a local bank’s website opens and will steal the users’ banking information if they type it in.
“These spams relieve users’ doubt by using the word ‘kakao’ in the Internet address or in the fake mobile app,” said Kim Joon-seop, a software business security manager at ESTsoft. “Consumers should be aware of the spam that impersonates familiar mobile apps to take small payments or steal personal information.”
And malicious spam messages are evolving, despite anti-spam systems developed by mobile carriers and security agencies.
As businesses with advanced information technology spread spam using techniques that get around security systems, spam is becoming more difficult to get rid of once accessed.
The most typical way to dodge security is to erase the “[Sent from Web]” phrase at the beginning of a message, which the government made mandatory last month on text messages sent from websites. It was a preventive measure as more spammers send messages from the Web.
Ideally, people would be able to see where their texts have come from, but spammers have instead started using a mobile app that can send hundreds of text messages at once, according to the Ministry of Science, ICT and Future Planning.
As the messages are sent from a smartphone but use an app meant for a PC, it is difficult to detect whether they are spam or not, the ministry said.
Picture spam, which comes as a text with a photo file that looks like an advertising flyer, is also rampant. Spammers found a hole in security systems: Most detect spam messages through keywords, so they can’t filter out pictures.
Spam using a smartphone scheduling program linked with a Google account has also appeared.
A 38-year-old office worker surnamed Chang was embarrassed to see an alarm during a meeting, which said his main event of the day was “Sex Partners Wanted.” But he had never saved it to his schedule.
It was spam that used Google Calendar, which allows the user to share schedules with others via email.
The spammer can make advertising content in schedule form and send it to people’s Gmail accounts so it will automatically appear in the recipients’ calendars.
“Google Calendar users can block the spam by clicking ‘no’ to automatically adding invitations to the calendar in the settings,” said Choi Seon-kyoung, Internet ethics director at the Korea Communications Commission (KCC). “Then, only the invitations that the users have replied to will be added to their calendars.”
Despite new methods, the number of spam messages sent to smartphones has been declining for the past several years.
According to the Korea Internet Safety Association (KISA), 32.6 million spam messages were reported in 2012, but last year the number was down to 21.75 million.
As of July this year, users reported 9.88 million spam messages. Gambling-related spam was the most common with 4.33 million, followed by loans (660,000), designated driving (610,000), subscription to telecommunications services (480,000) and adult-content ads (470,000).
“The number of spam registered is decreasing steadily, but as the approach becomes increasingly clever, users’ fatigue is growing even more,” said Choo Hyun-woo, head of the spam response team at KISA.
The methods used to send spam are illegal under the Act on Promotion of Information and Communication Network Utilization and Information Protection, which says a recipient must give prior consent before a for-profit advertising message is sent to them. The name and contact information of the sender, as well as how to block the sender, must also be provided.
Those who break the law face a maximum of one year of imprisonment and a fine of up to 30 million won ($29,450).
“Not only does spam contain sensational and harmful advertisements, but it also includes malicious code and can leak personal information, so smartphone users must be cautious,” said Lee Byung-gui, a member of the cyber planning team at the National Police Agency. “It is also problematic because behind mass spam messages, there are illegal backdoor deals.”
The government is trying to keep up with the quick evolution of illegal spam. The KCC is jointly developing a system that will detect picture spam with KISA and will put it into action as early as the end of this year. The system will scan the spam messages to obtain the coding behind the picture and then block the image files.
“We are seeking ways to reduce spam that uses KakaoTalk or erases the [Sent from Web] phrase in the text messages in close cooperation with the communications industry,” said Kim Joo-han, head of the telecommunications division at the science ministry.
To reduce spam even by a little, users should download one of the mobile carriers’ anti-spam message apps: KT’s WhoWho, SK Telecom’s T Spam Filtering or LG U+’s Whoscall.
The apps filter messages with spam phrases or phone numbers that are reported the most.
Users can also block text messages from unwanted financial companies if they subscribe to the Do-Not-Call service provided by the Financial Services Commission (FSC).
People who subscribe will not get text messages or cold calls from specified financial companies for two years if they include them on their spam list at donotcall.or.kr. The FSC said 2,500 people subscribed to the service when it was launched on Monday.
“Users can also prevent additional damages to other users if they report spam to spam.kisa.or.kr or by calling 118,” Choo said.
BY SOHN HAE-YONG [kjy@joongang.co.kr]
with the Korea JoongAng Daily