Fake Online Checkout Pages Steal ID Numbers, Full Card Passwords in South Korea
Summary
- The Financial Security Institute and the Financial Supervisory Service said they had identified signs that a total of 5,707 cases involving stolen credit card information and personal information were linked to hacking and phishing attacks targeting some domestic online shopping sites.
- Financial authorities and card companies are taking consumer protection steps including blocking fraudulent payments, suspending card use, and reissuing cards, and have issued a consumer alert at the "Caution" level.
- The Financial Supervisory Service urged consumers to stop entering information if an online payment page asks for their full resident registration number or all four digits of their card password, and to immediately request a reissue and PIN change if they suspect a data leak.
Forecast Trend Report by Period


Victims were prompted to enter full resident registration numbers and all four digits of their card password before being redirected to a legitimate payment page
Card issuers are blocking fraudulent transactions and reissuing cards

South Korean authorities have identified signs that phishing pages mimicking legitimate payment screens were inserted into the checkout process at some domestic online shopping sites, resulting in the large-scale theft of credit card and personal information.
Financial regulators have launched a joint response with card issuers to prevent fraudulent payments and further losses tied to the leaked data.
The Financial Supervisory Service said the Financial Security Institute recently found signs that credit card information had been stolen in hacking and phishing attacks targeting some domestic online shopping sites and notified the regulator. A total of 5,707 leaked card data cases had been identified as of June 29.
The FSS issued a consumer alert at the "Caution" level as concerns mounted over fraudulent card use stemming from phishing and hacking schemes disguised as virtual asset businesses.
The attackers hacked online shopping sites with weak security and inserted fake payment pages into the card payment process.
The phishing pages were designed to prompt users to enter excessive personal information, including all four digits of their card password and their full resident registration number, even though that information is not required in a normal card payment process.
After a user entered information on the fake page, it displayed a message such as "payment error" before bringing up the legitimate payment page again.
If the consumer entered the information again, the payment was completed normally, making it difficult for victims to realize they had been hacked, the FSS said.
The regulator said it had set up a joint response system with the Financial Security Institute and card companies to prevent further damage, including unauthorized logins to virtual asset wallets or other websites.
The Financial Security Institute is providing the stolen data to card issuers to help block attempted fraudulent payments. Card companies are also contacting affected customers individually and taking consumer protection steps, including suspending card use and reissuing cards.
The FSS urged consumers to stop immediately if an online payment page asks for their full resident registration number or all four digits of their card password.
Anyone who suspects their information has been exposed should immediately request a card reissue and a personal identification number, or PIN, change.
Consumers using the same password on other websites should change those passwords as well.
If losses occur, such as withdrawals for transactions they did not make, consumers should report the case to the integrated reporting center at 112 to request a payment suspension. They should then obtain documentation confirming the incident and apply for compensation with their card issuer.
The regulator added that card issuers are required to compensate consumers for fraudulent card use involving illegally stolen information unless the consumer acted intentionally or with gross negligence.
Park Sang-kyung, Hankyung.com reporter highseoul@hankyung.com
Korea Economic Daily
hankyung@bloomingbit.ioThe Korea Economic Daily Global is a digital media where latest news on Korean companies, industries, and financial markets.