Borrowed-name bank accounts are frequently used in phishing attacks because they are difficult to trace
According to the financial regulator yesterday, there are approximately 40,000 bank accounts used under false names every year. The FSS introduced a special law to deal with phishing at the end of September 2011.
The measure refunded to victims the amount of money they lost to online financial scams. Around that time, the FSS began to track and collect related data.
Based on the data from October 2011 to the end of June this year, a total of 87,000 bank accounts have been suspended from withdrawing savings because they were used in financial crimes including phishing activities.
According to the FSS, 36,417 false bank accounts were used in illegal phishing activities over the same period and more than 1,000 borrowed-name accounts have been opened every month this year.
Also, more than half of the defrauders were found to have made use of false-name bank accounts obtained within the previous five days.
Borrowed-name bank accounts are usually purchased through illegal means by phishing attackers online who lure Internet users - mainly those in desperate need of money like the homeless, teenage runaways and delinquent borrowers -- to sell their accounts and cash cards, the FSS said. Bankbooks can go for as much as 500,000 won ($448).
The FSS also said there are messages online posted by phishing attackers that obtain borrowed-name bank accounts by deceiving Internet users, telling them that they will be given low-interest loans if they send their accounts and cash cards.
“Borrowed-name bank accounts are commonly used in illegal financial activities to receive money transferred by victims,” said an FSS official. “The savings accounts are from time to time obtained by threatening bankbook holders through various means.”
Illegal phishing activities using borrowed-name bank accounts are still prevalent even though it has been almost 20 years since the government introduced a regulation that consumers must use their real names when opening bank accounts.
The regulation was implemented to boost transparency in the country’s financial transaction system and to root out illegal lobbying and bribing activities made by using accounts under false names.
Meanwhile, the FSS study showed that of the 36,417 false bank accounts that have been used in phishing activities from October 2011 to June, 68 percent were opened at the National Agricultural Cooperative Federation and NH Nonghyup Bank.
The cooperative federation, which holds a 100 percent stake in NH Nonghyup Bank, has been a target of growing criticism lately in the financial sector as it was involved in several cyber accidents, with the most recent network paralysis happening in March.
Two months after the security incident, the former chairman of its financial group, Shin Dong-kyu, stepped down from his post.
False-name bank accounts were also opened at KB Kookmin Bank, followed by Korea Exchange Bank, Shinhan Bank, and Woori Bank.
“Our study showed that the number of borrowed-name bank accounts being used at certain financial institutions [Nonghyup, KB Kookmin Bank] is significantly high,” the official said. “This is because the financial institutions operate branches across the country including some in rural areas where internal control seems to be in a more vulnerable state.”
Meanwhile, the FSS urged financial institutions to enhance monitoring on the process of opening bank accounts and look into cases that are suspected of using borrowed-name accounts.
BY lee eun-joo [angie@joongang.co.kr]