Smishing and phishing scams impersonating virtual asset exchanges, the Ministry of Employment and Labor, and the Korea Workers Compensation and Welfare Service are proliferating. Beyond simple spam, cases now include actual business visits and emails spoofing official government addresses. "Intelligent impersonation scams" targeting both businesses and individuals with personal data theft, insurance sales, and financial solicitation are rampant.
Three main attack vectors: (1) Virtual asset exchange impersonation emails — spreading smishing with "account suspension" or "identity verification" prompts, evolved into malware-spreading "redistribution smishing"; (2) Ministry of Employment and Labor/Workers Compensation Service impersonation — using similar email addresses (e.g., welco@kcomwel.or.kr vs. official comwel.or.kr), inducing anxiety about employment insurance status, including actual business visits claiming "retirement pension education" to sell insurance products; (3) Government agency number spoofing — using official phone numbers to solicit paid training or insurance products.
Important: Government agencies and exchanges never require attachment execution; identity verification must only occur through official apps or websites. Korea Workers Compensation Service never contacts individuals or businesses by phone or visit for retirement pension education. Prevention: never click links or attachments from unknown sources; directly log in through official websites; keep antivirus software updated; contact agencies directly to verify suspicious contacts. Reporting: Police (112), Ministry of Employment and Labor (1350), Workers Compensation Service (1588-0075). "The first line of defense: no public agency will ever call first or visit to demand money — remembering this single principle prevents 90% of fraud."
