The Korea JoonGang Daily reported that despite warnings from financial authorities, an average of 116 people fall victim to what is called "voice phishing" scams every day in Korea.
In the rest of the world, these are better known as "phone scams" and often perpetrated by organized crime in dedicated call centers. Sometimes the scams are hybrids, initiated by auto-dialers with automated voice messages, and when the victim takes the bait, the call gets switched to a live bad guy.
According to the Financial Supervisory Service (FSS), the damage from voice phishing in the first eight months of this year has already exceeded the losses incurred during all of 2017.
Voice phishing losses amounted to 263.1 billion won ($233 million) through August, more than the 243.1 billion recorded in 2017. In the first half of 2018, the financial damage was 180.2 billion won, a 73.7 percent increase compared to the same period a year ago.
The number of people who fell victim to the scams increased by 56.4 percent over 2017 to 21,006.
Those who suffered the most were those in their 40s and 50s, whose financial losses amounted to 99.6 billion won, followed by those in their 20s and 30s with 42.5 billion won. Those aged 60 years or older suffered losses of 35 billion won.
The most common fraud involved approaching victims with new loan products or the promise of converting a loan to a different product with lower interest rates. These made up 70 percent of the voice phishing scams committed in the first half.
In May, a man in his 50s received a call from someone posing as a bank employee. The scammer told the man that he could switch his current loan to another loan with a lower interest rate. But in order to do so, the man had to send his existing loans to another bank account. Once the transfer was complete, the scammer withdrew the money and disappeared.
The remaining 29.3 percent were perpetrated by scammers who pretended to be from government institutions, such as financial authorities or the police. Many of these hucksters told victims that their bank accounts were compromised and they should transfer their account balance to a safe government account or hand over the money in cash.
The study by the FSS found that women were more vulnerable to voice phishing from those pretending to be from government institutions. The damages that women suffered from these scams was more than double that of men. The financial losses that women suffered from this kind of fraud amounted to 36.3 billion won, while it amounted to 15.2 billion won for men.
The age group that was hit most by this kind of fraud was women in their 20s and 30s, as their financial losses amounted to 17.5 billion won. They were followed by those in their 40s and 50s with 12.6 billion won, and those who are 60 or older only lost 6.1 billion won. But men over 60 were more vulnerable, as they suffered a loss of 10.1 billion won. Those in their 20s and 30s only lost 2.6 billion won while those in their 40s and 50s lost 2.5 billion won.
Men were more vulnerable to loan fraud, as the financial losses that they suffered amounted to 74.4 billion won compared to women’s 51.4 billion won. Men in their 40s and 50s suffered the most, as their losses totaled 49.4 billion won. Men in their 60s followed with 12.8 billion won and those in their 20s and 30s lost 12.1 billion won.
Women in their 40s and 50s, like their male counterparts, were the most vulnerable, as their losses amounted to 35.1 billion won. The losses that the older generation suffered amounted to 5.9 billion won, whereas women in their 20s lost 10.3 billion.
The FSS said it will hold a “voice phishing zero campaign” with financial institutions throughout October, which will actively warn the public about the dangers of voice phishing.
“Anyone can fall victim to voice phishing,” a FSS official said. “When a government institution, like a prosecutor, police or an FSS employee, claims that the person receiving a call is implicated in a crime or a bank employee asks for a money transfer to convert to a different loan with a lower interest rate,” one should suspect voice phishing.
“One should hang up after writing down the institution, rank and names of the suspected caller,” the official said.
KnowBe4 has a full-fledged module that allows you to inoculate your employees with simulated vishing attacks. Here is a look at the console:
Since cyber crime is resorting to more sophisticated attacks, stepping your users through new-school security awareness training which includes frequent simulated social engineering attacks is a must.
For instance, KnowBe4's integrated training and phishing platform allows you to send simulated vishing attacks that test users for phone-related scams.
See it for yourself and get a live, one-on-one demo.
PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:
Cross-posted with grateful acknowledgment to LEE HO-JEONG from the Korea JoonGang Daily.