“Your Essential Guide to Smishing & Voice Phishing in South Korea”
Hello, and welcome! If you’re an English speaker living in or visiting South Korea, this guide is for you. We’ll cover everything about smishing (phishing via SMS) and voice phishing (phone‐call scams): how to spot them, what to do step by step, and how to avoid lasting harm.
1. What Are Smishing and Voice Phishing?
- Smishing combines SMS + Phishing. Scammers send text messages containing malicious links that install fake apps (APKs) or lead you to bogus websites to steal your data.
- Voice Phishing (also called “vishing”) sends a text urging you to call back. Once you call, the scammer impersonates a bank or government official and tricks you into transferring money or revealing codes.
Although they use different channels (text vs. phone), both are forms of phishing aimed at tricking you into giving up sensitive information.
2. How to Spot a Suspicious Message
- Over-the-Top Offers
- “Free coupons,” “urgent subsidies,” or “tax refunds” out of the blue.
- Unknown or Strange Numbers
- Short codes like 080-XXXX, 050-XXXX, or unfamiliar local prefixes.
- Typos and Odd Formatting
- Messages with mistakes like “DearCustomer” or missing spaces and punctuation.
- Weird URLs
- Shortened links (bit.ly, t.co) or long strings of random letters and numbers.
3. 5-Step Response Plan
- Don’t Tap or Call
- Never click the link or dial the number in the message.
- Block & Delete
- Block the sender in your messaging app and delete the entire thread.
- Report Immediately
- KISA (Korea Internet & Security Agency): Dial 118, then press 2.
- Police Cybercrime Unit: Call 1566-1188 or report online at counterscam112.go.kr.
- Carrier Spam Block: Forward the scammer’s number to #7777.
- Scan for Malware
- Run a full device scan with a reputable mobile antivirus and remove any suspicious apps.
- Secure Your Finances
- Revoke and reissue your digital certificate (공동인증서).
- Contact your bank or credit card company to freeze or monitor your accounts.
4. If You’ve Installed a Malicious APK
- Switch to Airplane Mode
- Cuts off all data and Wi-Fi connections, preventing the malware from communicating.
- Visit the Nearest Police Station (Cybercrime Division)
- They have specialized tools to remove malware and perform a forensic analysis.
- Note: Local police substations (patrol offices) can’t process these cases—go to the main station.
5. Tips to Prevent Secondary Damage
- Encrypt & Back Up Your Contacts
- If malware steals your address book, it can target your friends and family next.
- Disable “Unknown Sources”
- In Settings → Security, turn off installations from unverified sources.
- Regular Backups & Factory Resets
- Keep your data in the cloud and consider a full reset if you suspect compromise.
- Don’t Forward “I Got Scammed” Messages
- Even well-meaning chain texts can spread panic and confusion.
6. Real-World Cases & Expert Insight
- Case A: Sarah (Seoul)
- Received a “tax refund” smishing text. She reported it to 118 before clicking, preventing any APK download.
- Case B: David (Incheon)
- Got a voice phishing SMS asking him to call a “bank officer.” He blocked the number and immediately reported to the police, stopping the scam in its tracks.
- KISA Security Team
- “When in doubt, block, delete, and report. Following this simple routine stops over 95% of attacks.”
7. Recent Statistics & Emerging Trends
- 2024 Smishing Reports: Over 90,000 cases (+15% vs. 2023)
- 2024 Voice Phishing Losses: Exceeded ₩1.2 billion KRW (~USD 900,000)
- New Tactics:
- QR Code Smishing (up 30%)
- Malicious Links in Messaging Apps (KakaoTalk, WhatsApp)
- Video-call Scams via fake chat rooms
Pro Tip: Be cautious of any link—whether in SMS, chat apps, or emails. When in doubt, don’t click or call.