South Korean Police, Five Crypto Exchanges Join Forces to Stop Voice-Phishing Laundering

South Korean police are joining forces with the country’s crypto industry to stop voice-phishing gangs from laundering stolen funds through digital assets, as the tactic spreads.

The National Police Agency said on June 4 that it signed a memorandum of understanding with five domestic virtual-asset operators — Dunamu, Bithumb, Coinone, Korbit and Streami — at the agency’s integrated response unit for telecommunications and financial fraud in Seoul’s Seodaemun district. The agreement is aimed at preventing and eradicating phishing crimes.

The signing ceremony was attended by Oh Chang-bae, head of the police agency’s integrated response unit for telecommunications and financial fraud, and compliance officials from the exchanges.

Voice-phishing operations have recently moved beyond schemes that relied on mule bank accounts or cash withdrawals. They are rapidly evolving into money-laundering operations using virtual assets. Criminal groups convert victims’ money into crypto and then move it to overseas exchanges or electronic wallets, making it harder to trace.

A revised Telecommunications Fraud Victim Refund Act due to take effect in October will impose anti-voice-phishing obligations on virtual-asset operators similar to those applied to financial companies. Exchanges will be required to freeze payments and return victim assets.

The police agency said it arranged the agreement ahead of the law’s implementation so the response can work immediately in practice. The framework combines the security capabilities of the five major domestic virtual-asset operators with police investigative information. To address concerns over potential privacy violations arising from the sharing of phishing-related data, including information on malicious apps, the agency secured approval from the Personal Information Protection Commission on March 11. That laid the groundwork for virtual-asset operators to take on the role even before the revised law takes effect.

During a pilot program that began in mid-March, 4,215 exchange accounts were blocked and 950 million won ($687,000) in losses was prevented. The public-private information-sharing system will be upgraded to a standing cooperation framework under the agreement.

Police will provide data obtained during investigations to virtual-asset operators in real time. Exchanges will incorporate the information into their fraud detection systems, or FDS, to identify suspicious transactions tied to phishing crimes at an early stage.

At the signing ceremony, the police agency also awarded commissioner general citations to Bithumb and Coinone employees for first detecting unusual transactions during the pilot period and helping prevent losses. On March 25, the two companies identified victims who had been deceived by a phishing scam impersonating investigative authorities just before they were about to make transfers, preventing losses of 40 million won ($28,900) and 38 million won ($27,500), respectively.

“The money-laundering methods used in voice-phishing and new scam crimes have recently been spreading into virtual assets, and this agreement with the country’s five largest virtual-asset operators will serve as a practical turning point in protecting our people from crime,” Oh said. He added that the agency will continue strengthening its public-safety partnership with private companies to prevent phishing crimes.

Woo Yeon-su, Hankyung.com reporter, coincidence@hankyung.com