Technology is becoming more and more integrated with every aspect of our lives. While it does make our lives easier, there is also a negative side. There is an increasing number of criminals that use technology to scam others. You should know how to protect yourself from this new breed of criminals. And so, today I am going to share with you my experience with ‘smishing’ or SMS phishing. Maybe it can help you if you ever end up in a similar situation.
About Cyber Attacks: Smishing
Maybe you have heard about ‘voice phishing’ or ‘vishing’ before. In Korea, it is a pretty common scam. It is where criminals use fake phone calls to trick people into giving money or revealing personal information.
However, a new form of this scam is becoming increasingly common, – smishing or SMS phishing. Unlike voice phishing which uses voice over the phone, ‘smishing’ is implemented through text messages. Criminals carry out attacks using the intent to collect personal information, including social insurance and/or credit card numbers.
Normally, victims of these crimes will get a text message from the criminals. In that text message is a direct link or number to call. Then, when you click on the link or make a call they will hack your device in order to collect your data.
Chronology of a Smishing Attack
Get the Phishing Message
I received a text that stated I had made some payments in an online market. In the picture, it is written that I had made a payment on a certain date and that I needed to call the given number to confirm the purchase. After getting this info, I immediately checked my account and didn’t find a payment as big as the one mentioned.
I should have stopped and simply deleted this message. It was clear that I had not made any transactions from my banking statement.
However, I was a bit paranoid because it just so happened that at the time, I was making a lot of payments for tour and hotel reservations while planning my parents’ visit to Korea. This message led me to call the number they had listed.
Confirmation by Phone
Then I called the number listed. In other cases in smishing, there will be a direct link. Whatever it is, criminals started gaining access to my information.
When I called, they asked for my ID. I have never shopped or used the app they mentioned, so they suggested using Kakao Talk to check further information. At that time, I was asked to add their ID and become friends on Kakao Talk. Then, they sent me a pdf document via this chat.
I stupidly followed everything that was asked. That is until I tried to open this document. Luckily, I couldn’t download it because I was using an iPhone. And they said they would call back in about 15 minutes.
Asking a Friend
After hanging up the phone, I asked my friend why I couldn’t download the document on my iPhone. She immediately realized this was a scam. It jolted me and decided to ask someone else.
Incidentally, I was at the International Lounge, which is a space for foreign students at my school. So, I immediately asked the foreign students who were working there. Unfortunately, she thought the same as me. She thought that I should call this number and even suggested opening the file from a laptop.
Then I asked the Korean in charge there who luckily came shortly after. After seeing the SMS, she immediately said it was spam, and that I should just ignore it. After I conveyed the chronology of what I had done, she suggested calling the police.
What to Do if You Are a Victim of a Smishing Attack
Call the Police at 112
After conveying the chronology of the incident, the police officer confirmed that it was a smishing crime. The purpose of criminals providing links or documents to download is that it will allow them to access your cell phone. After opening a document or clicking a link, criminals install a hacking application (악성 어플리케이션 해킹 프로그램 ).
So, the police officer asked for the details of all the calls and messages we had exchanged. They also asked for my home address so that the local police would later help. While waiting for the call, the police also asked me to check my account for missing funds. They also asked if I felt like my cell phone was being manipulated. Not long after, the local police called to see if there was a problem and suggested the following for prevention:
Block all phone numbers and chats sent by criminals, call cellular providers, and call the phone call center.
Call the Phone Provider
There are SKT, KT, and LG U+ providers in South Korea. Keep in mind that in Korea you can use your phone number to make a purchase (휴대폰 결재 ). So, this step is to block all cellular payments on your phone. To activate it, you just need to contact your phone provider’s call center.
Call the Mobile Phone Center
Actually, this is the first step I did after getting suggestions from the police. After being connected to the relevant department, the iPhone team checked my phone after I gave permission for remote access. The purpose was to check if there is a hacking application (악성 어플리케이션 해킹 프로그램 ). They also asked me to change the password for the apple ID. Fortunately, we didn’t find any hacking system on my phone.
This article is not for the promotion of the iPhone. But honestly, I feel grateful when I use this cellphone because it has a great security system. If I used android, I would have downloaded the document and become prey to a smishing attack. Hopefully, this experience and information will be useful for you all. I’ve lived in Korea for 4 years and speak Korean fluently. But still, I got hooked by smishing. If you receive an unexpected text message, just ignore it or delete it immediately. If it is necessary to check, it is better to call the police first for prevention.
It is crazy to imagine. Criminals can automatically get all of your information just because you click on a link or open a document. How sophisticated this virtual world of technology is! Please, be careful!
Need more information on how to report crimes in South Korea? Click Here!