Call forwarding tactic used by more scammers

When an employee for the National Police Hospital (NPH) discovered earlier this month that he had a 6 million won ($5,400) loan in his name, he immediately knew something was amiss.

Upon further inspection, it was determined that voice phishers had borrowed the money, using call forwarding from the man’s office phone line and assuming his identity. However, he was just one among dozens of hospital employees whose phone lines were redirected earlier this month, according to police.

Songpa Police Precinct launched an investigation into the situation after learning that dozens of NPH land lines were forwarded to a voice phishing group over 15 hours starting at 9 p.m. on March 4. It also found that the phone operator KT had accepted the call forwarding application without properly identifying the user.

Call forwarding services allow people to receive phone calls using cell phones or other land lines.

“On March 5, we weren’t able to forward calls in the office, so we asked the facility maintenance team,” said a hospital official. “We then found out from KT that it was a voice phishing group who did it, so we canceled the service immediately.”

Given that dozens of office land lines were forwarded, the police believe there could be more victims.

The perpetrators were found to have engaged in identity fraud to take out loans from banks and make random phone calls, telling recipients to send money for a relative’s surgery - an outdated phishing technique.

The phishers convinced the victims by having them call back to the hospital, which was forwarded to them again.

Voice phishing using call forwarding is a relatively recent tactic.

In January, a couple in Namyangju, Gyeonggi, lost 26 million won from their bank accounts without realizing it. It was later discovered that scammers had requested the pair’s land line operator LG U+ to forward the calls.

The operator accepted, which allowed the phishers to access verification codes via a computer to withdraw the money. LG U+ also came under fire for not properly identifying the user.

KT also neglected to carry out proper identification procedures in the case earlier this month.

“The principle is not to allow any call forwarding service unless it’s an inevitable situation,” a KT official said when asked about the incident. “We assume our employees who received the requests provided the service because they thought the lines should be forwarded because it was a hospital and missing calls could lead to dangerous situations. ... We admit that they made wrong decisions and did not follow guidelines.”

BY YIM JI-SOO [kim.bongmoon@joongang.co.kr]