If you want to wrap up voice phishing smishing prevention for life in Korea, save this guide. The less Korean you speak — and the less familiar you are with how Korean institutions actually work — the easier these scams hit. In 2026, the attack stack now combines malware apps + call manipulation + QR (quishing) + AI voice synthesis in one go. KISA recently issued a fresh advisory specifically about government-impersonating quishing attacks (Boho Nara / KISA).

This article covers (1) the latest scam patterns showing up in Korea right now, (2) the step-by-step actions to take if you do get hit, and (3) the red flags foreigners should watch out for. If you’ve ever received a suspicious call or text in Korea, read to the end.

Voice phishing smishing prevention step 1: 7 latest 2026 patterns at a glance

Type	What it looks like	Foreigner risk
1. 010 caller-ID spoofing	Overseas call centers masquerade as Korean 010	Very high
2. Fake gov / bank + app install	“Security check” or “account protection” pushes malware/remote-control app	Very high
3. Quishing (QR scam)	“Survey / consultation” QR leads to phishing site or malware	High
4. Parcel / customs / unpaid fees	Caller reads URL aloud to push you to a fake site	Very high
5. Compensation / coupon bait	“Extra payout” or “free coupon app” tied to a real news story	High
6. AI deepvoice	Mimics a friend’s voice to demand urgent money	High
7. Surveillance / coercion	“Stay alone, don’t tell anyone, follow my orders”	Very high

Voice phishing smishing prevention pattern 1 — “010 calls from overseas call centers” (caller-ID spoofing)

Calls placed from overseas can be routed through illegal relays so they appear as a domestic Korean 010 number. The “010 = safe” rule no longer applies (Chosun).

• Speaks fast, repeats “right now”
• Pressures with “identity check / account check / case lookup”
• Won’t let you hang up — uses psychological pressure

Voice phishing smishing prevention pattern 2 — government / bank impersonation + app install

The most dangerous combination. The caller pushes “security inspection”, “victim relief”, or “account protection” to make you install a specific app (remote-control or malware). Once it’s on your phone, your credentials, SMS, and calls can all be intercepted. Foreigners often see variants like “immigration record check”.

• Pushes you to click a smishing link
• Pushes you to install an app (malware / remote control)
• Then steals authentication, calls, SMS

Once malware is installed, scammers can intercept and reroute outgoing calls, so even calling “your” bank can connect you to the criminal (DBR).

Voice phishing smishing prevention pattern 3 — “Just scan this QR” (quishing)

Instead of a text-message link, scammers now send a QR code. They impersonate government agencies or research institutes with plausible reasons (“survey / consultation / opinion poll”) and the QR leads to a malware install or a phishing site (Boho Nara).

Voice phishing smishing prevention pattern 4 — parcel / customs / unpaid fees (URL read aloud)

The classic SMS-link scam has evolved: now scammers call you and read the URL aloud as part of fake “consultation”. Foreigners commonly see “customs not paid” or “delivery address change” variants (Byline Network).

Voice phishing smishing prevention pattern 5 — “data leak compensation / free coupon” bait

Scammers exploit real news stories about data leaks, government subsidies, or shopping coupons to push fake “compensation”, “extra payout”, or “free coupon app” downloads (KISA).

Voice phishing smishing prevention pattern 6 — AI deepvoice (someone you know)

AI voice cloning to fake “I urgently need money” calls from a friend or family member is officially flagged as a growing threat (Korea.kr). The strongest defense: agree on a secret verification question with your family or roommate in advance.

Voice phishing smishing prevention pattern 7 — surveillance and coercion

If the caller orders you to “stay alone” or “tell no one”, it’s 100% a scam. No real Korean public agency controls your behavior this way.

Voice phishing smishing prevention step 2: response order if you got hit (stop payment first)

Below is the actual order foreigners can follow, broken out by situation: money sent / link clicked / personal info handed over.

A. You sent money / wired / paid by card (most urgent)

1. Call the bank immediately and request “stop payment” (지급정지). Call the customer center of the bank you wired from, say “voice phishing victim, please freeze the account”. Capture transaction screenshots if possible (Counter Scam 112).
2. Dial 112. Korea has consolidated voice-phishing reports into 112 (Korean National Police Agency). Foreigners can say “English please / Interpreter please” — 24/7 interpretation is available (Korea.net).
3. Preserve evidence (do not delete). Screenshot SMS, KakaoTalk threads, call logs, account numbers, the scammer’s number, plus the installed app’s name and permissions.
4. File a police report and submit a “victim relief” application at the bank. Standard flow: report → stop payment → relief application (Credit Finance Association).

B. You clicked a link / installed an app (money may not have moved yet)

1. Airplane mode ON, data and Wi-Fi OFF. Cuts the scammer’s remote control and downloads.
2. Delete the suspicious app + run a security check. Settings → recently installed apps → remove. Run a malware scan.
3. Change banking and email passwords immediately + enable 2FA. Email is the master key — once it’s compromised, everything cascades.
4. Call 118 for KISA support. 118 is the official channel for smishing / malware advice.

C. You handed over personal info (passport / ARC number / bank details)

1. Call 112 and get a case number / receipt (Counter Scam 112).
2. Change every account password (start with email).
3. Tell your bank / card issuer about the suspected leak; ask for monitoring and reissue.
4. Expect a flood of suspicious calls / SMS afterwards — stay alert.

Voice phishing smishing prevention: foreigner red flags — hang up immediately

If any of the lines below come up, end the conversation. You don’t owe them politeness or explanations.

• “Wire it right now / install it right now”
• “Keep it secret — don’t tell anyone”
• “It’s an active investigation, move alone”
• “Scan this QR / open this link / install this app”
• “Read me your full OTP / full card number / all your security info”

Emergency numbers every foreign resident in Korea should save

Number	Use	Foreign-language support
112	Police (incl. voice phishing)	English / Chinese 24/7
118	KISA — smishing / malware	Mostly Korean
1332	Financial Supervisory Service — financial harm	Mostly Korean
1345	Immigration / residence — multilingual	Multilingual
1330	Korea Tourism Organization — tourist help	Multilingual

Pair this with our other safety guides — Korean emergency phrases for foreigners and personal information protection checklist.

Voice phishing smishing prevention setup: 10 minutes to cut your risk drastically

• Keep “install from unknown sources” disabled (Settings → Security)
• For any link in SMS/messenger, open the official site by searching directly
• Turn on biometric / 2FA in banking and card apps
• Agree on a family / roommate verification question (e.g. “what’s our dog’s name?”)
• Install a spam-ID app like Whowho / T전화 to flag suspicious numbers

Voice phishing smishing prevention FAQ

Q1. What’s the very first thing to do if I’m hit by voice phishing in Korea? Call your bank, request “지급정지” (stop payment), then dial 112. That order is critical.

Q2. The call came from a 010 number. Could it still be voice phishing? Yes. Caller-ID spoofing routes overseas calls through 010 numbers — it’s been documented and prosecuted.

Q3. Is every QR code dangerous? Not every QR, but quishing attacks are real and growing. Treat any “agency / institute + QR code” combination as high risk.

Q4. My Korean is weak — can I still call 112? Yes. 112 offers 24/7 English and Chinese interpretation. Just say “English please / Interpreter please”.

Q5. I only clicked a link — no money moved. Should I still report it? Yes. Malware install or account takeover can happen later. Disconnect data → delete the suspicious app → change passwords → call 118.

K-Name Studio: Create your perfect Korean name based on your personality and style.
What’s My K-Beauty Personal Color?
WeBring Service : Provides personalized services to foreigners living in Korea
Exclusive offer: Introducing foreign car rental in Korea, WeBring-SoCar