▲ An example of a phishing page disguised as a card payment screen
Consumers are advised to exercise caution as hackers have been found using sophisticated phishing pages on some online shopping malls to steal credit card information.
The Financial Supervisory Service (FSS) announced on July 5 that it has issued a "caution" level consumer alert to reduce damages from fraudulent card use.
This follows a report from the Financial Security Institute, which identified evidence of credit card information being stolen through hacking and phishing attacks on several domestic online shopping malls and notified the FSS.
As of June 29, a total of 5,707 cases of data theft have been recorded by a professional criminal organization targeting credit card information.
The crimes were carried out by hacking into online shopping malls with weak security and creating phishing pages that closely resemble actual payment screens during the checkout process.
Consumers should be aware that these phishing pages are designed to trick users into entering personal information, such as credit card details, passwords, and resident registration numbers, and are characterized by requesting excessive information that is not required for normal payment processes.
The attackers exploited the fact that it is difficult for consumers to detect the phishing page; after stealing the card information, the site displays a warning message such as "payment error" and then redirects the user to the legitimate payment page to re-enter their information, allowing the actual payment to proceed.
The FSS stated that there is a high possibility that the stolen information will be used for fraudulent transactions and expressed concerns over the illegal distribution of personal data and further potential damages.
Accordingly, the FSS advised, "If an online shopping mall requests excessive information such as your full resident registration number or entire credit card password during payment, you should be suspicious and refuse to provide it."
This is because legitimate payment processes never require the entry of a full resident registration number or all four digits of a credit card password.
The FSS advised that if you suspect credit card phishing after online shopping, you should immediately contact your card issuer to request a card suspension, reissuance, and password change to prevent further damage.
Additionally, if you use the leaked password on other websites, you should change it to prevent further harm.
The FSS also stated that if you suspect further damage from information leakage, you should report it to the police immediately.
In cases of fraudulent card use involving information stolen through illegal means such as hacking, consumers can be compensated by their card company provided there is no intent or gross negligence on the part of the consumer.
Meanwhile, the FSS, having received reports of the damages, stated that it is responding immediately by establishing a close cooperative system with the Financial Security Institute and credit card companies.
The Financial Security Institute has delivered the stolen card information to card companies to block attempted fraudulent transactions, and each card company has implemented consumer protection measures, such as notifying affected customers, reissuing cards, and blocking fraudulent payments.
(Photo: Provided by Financial Supervisory Service, Yonhap News)
※ Please note: This article was translated by AI and may contain errors.
Video News
Video News