Voice phishing-related illustration. Image provided by Kyunghyang Shinmun.
A call came from a mobile phone number starting with ‘010.’ “I’m a postal delivery person. You applied for a ○○ card, right? Where should I deliver it?”
When Mr. A denied applying for a card, the delivery person said, “It seems you’ve been a victim of identity theft. I’ll give you the card company’s number, so call them.” Upon calling again, the customer service center instructed to install an app to remotely control the mobile phone. “Identity theft has been confirmed. Call the Financial Supervisory Service’s main number.”
Claiming to be the Financial Supervisory Service, they explained that Mr. A’s identity had been stolen and used in second-hand trading scams, with about 70 victims filing complaints. Mr. A was then given the ‘Prosecutor’s Office’ main number to call. The prosecutors threatened saying, “If you don’t cooperate with the investigation, you will be arrested,” and instructed to activate a new mobile phone, liquidate all savings and deposits to send money to a designated account for verification of illegal funds. Only after transferring about 700 million won did Mr. A realize that the postal delivery person, the Financial Supervisory Service, and the Prosecutor’s Office officials were all voice phishing (phone financial fraud) organization members.
The National Police Agency’s Cyber Investigation Team revealed on the 21st that voice phishing methods involving impersonating postal delivery workers or courier drivers have emerged.
The characteristic of this method is the inducement to install remote control apps. Remote control apps are typically used by service providers to remotely manipulate a customer’s mobile phone for repair or install necessary programs. However, scammers secretly install malicious apps using these to illegally manipulate the victim’s mobile phone.
In this way, when the scammer calls the victim, the display shows the legitimate main number of institutions like the Prosecutor’s Office, and all information on the mobile phone is stolen. This makes it difficult for investigations by deleting conversation contents at the last stage to destroy evidence.
Another characteristic is demanding the victim to activate a new mobile phone. The scammer instructs the victim to conduct various matters using only the newly activated phone, cutting off external communication to prevent the crime from being discovered.
A police official stated, “Although the methods have become diverse, the ultimate method of pretending to be from the Prosecutor’s Office and demanding money is similar to general voice phishing cases”. “Law enforcement agencies never request the installation of remote control apps or the activation of a new mobile phone for security purposes.”
They added, “If you receive calls for card issuance or product payments that you did not request, hang up immediately, and call the relevant institution’s main number or 112 to verify if it is voice phishing.”