▲ An example of an actual phishing page used during card payment
Consumers are being urged to exercise caution as evidence has emerged of hackers creating sophisticated phishing pages on certain online shopping malls to steal credit card information.
The Financial Supervisory Service (FSS) announced today (July 5) that it has issued a "caution" level consumer alert to reduce damages from fraudulent card use.
This follows the Financial Security Institute's discovery of evidence that hackers were using phishing attacks to steal credit card information from some domestic online shopping malls, which was subsequently reported to the FSS.
As of June 29, a total of 5,707 cases of information theft by a professional criminal organization have been identified.
The crimes were carried out by hacking into online shopping malls with weak security and creating phishing pages that closely resemble legitimate payment screens during the checkout process.
Consumers should be aware that these phishing pages are designed to trick users into entering personal information, such as card details, passwords, and resident registration numbers, often requesting excessive information that is not required for a normal payment process.
The attackers exploited the fact that it is difficult for consumers to detect these phishing pages. After stealing the card information, the pages would display a warning message such as "payment error" and then redirect the user to the legitimate payment page to re-enter their information, allowing the actual transaction to proceed as normal.
The FSS stated that the stolen information is highly likely to be used for fraudulent transactions, raising concerns about the illegal distribution of personal data and further damages.
In response, the FSS advised, "If an online shopping mall or similar site asks you to enter excessive information, such as your full resident registration number or your entire card password, you should be suspicious and refuse to provide it."
This is because legitimate payment processes never require users to input their full resident registration number or all four digits of their card password.
The FSS also advised that if you suspect your card information has been phished after online shopping, you should immediately contact your card company to suspend the card, request a reissue, and change your password to prevent further damage.
Additionally, if you use the same password on other websites, you should change it to prevent additional security breaches.
Furthermore, the FSS stated that if you suspect further damage from the information leak, you should report it to the police immediately.
In cases of fraudulent card use involving information stolen through illegal means such as hacking, consumers can be compensated by their card company provided there is no intent or gross negligence on the part of the consumer.
(Photo courtesy of Financial Supervisory Service, Yonhap News)
※ Please note: This article was translated by AI and may contain errors.
Video News