Recently, many Koreans have been reporting incidents of phishing, especially with online banking where cyber-swindlers pretend to be bank companies or officials, asking for private information online.
The increasing number of complaints from Koreans about phishing has led experts to warn their community against this trend.
Many Koreans describe the difficulties have experienced after responding to such “bait e-mails,” requesting personal information like Social Security numbers, passwords, and confidential pin numbers without verifying the requests with their banks and credit institutions. The disastrous results include the horrifying discoveries that a big amount of money has been withdrawn from personal bank accounts, credit cards have been wrongly charged – or applied for and received by unknown persons – credit limits exceeded, damaging credit ratings. The harm is not only financial, but also psychological.
Mr. Park, a resident of Long Island, received an e-mail from his bank in mid-February. The e-mail stated that for purposes of preventing customer credit card abuse, his personal information would have to be updated.
The e-mail continued that if Park failed to provide the information requested by March 21, his account would be closed.
At the time, Park was not suspicious; he did not even doubt the veracity of the e-mail – he received legitimate e-mails from the same bank in the past. He therefore responded to the e-mail, following the online instructions. As requested, he provided his Social Security number, credit card number, his birth date, and other personal information.
However, after sending his response, he was surprised to receive the same e-mail request a few days later. In fact, he received the same e-mail request three times in a number of days.
Becoming suspicious this time, he contacted his bank directly, only to be told by bank personnel that the bank had never sent such e-mails. Park followed the bank’s suggestion to come to the bank and change his account number, credit card number, and personal information. This however, took a number of visits. In the end, though, Park was quite lucky – the thieves had not gotten his money. All that was lost was Park’s valuable time. His quick response and swift action prevented a scenario that could have been quite a bit worse.
Such was not the case with Mr. Choi, a Flushing resident. Like Mr. Park, Choi received an e-mail that seemed to come from his bank, and he had no reason to suspect that the e-mail was fraudulent. He also responded by providing all of the information asked of him. That was three months ago.
Recently, Choi discovered that $25,000 had been withdrawn from his account without his permission and without his knowledge. He spent almost a month in proving to the bank that he had not withdrawn the money from his account. After the bank completed the investigation, the bank replaced the stolen funds and deposited it into Choi’s account.
But his troubles were not over yet. Choi also discovered that someone applied for a credit card in his name.
“That person used the credit card so much, almost ruining my credit rating,” Choi said.
Bank experts give customers the following advice: Never respond to e-mails that claim to be from banks, asking for personal and private information online; check the e-mail carefully; and check the Web page or Website you are directed to carefully.
Online thieves create misleading sites that are almost perfect copies of the originals. The easiest way to avoid problems is to not open the homepage linked with the suspicious e-mail. But most importantly, do not provide your personal and private information.
Internet and bank security specialists point out that the most recent scams make claims that the customer must react quickly to risk a negative situation, such as the closing of a bank account. Many customers fall victim to this and quickly provide the exact information needed to cause damage.
Experts stress that banks do not request private information online or by telephone. Should you receive e-mails or telephone calls demanding private information, do not respond. Call your bank to verify if it is authentic. If it proves to be fraudulent, forward it to the online abuse desk of your bank, and then delete it from your inbox.
