Smishing tactics are evolving by the day. (Image courtesy of Yonhap)
SEOUL, Sept. 1 (Korea Bizwire) — As smishing scams evolve with increasing sophistication, South Korea’s internet watchdog is stepping up its defenses with a new filtering system designed to block malicious text messages at the source.
The Korea Internet & Security Agency (KISA) said Sunday that it has launched an “SMS X-ray” system that intercepts potentially harmful messages before they reach users’ phones.
The move comes as smishing—fraud that combines phishing with text messaging—has expanded beyond simple fake delivery notices to include phone-based lures and search-engine tricks that mimic government websites.
Attackers now often pose as regulators or public agencies, persuading victims to install malicious apps through voice calls or by steering them to fraudulent websites disguised as payment or government portals. These schemes are increasingly effective, aided by bulk messaging services, burner phones and overseas servers.
The scale of the problem has grown sharply. KISA detected 762 smishing attempts in 2022, 2,764 in 2023, and nearly 19,227 in 2024. The number of malicious messages identified ballooned to more than 2.1 million last year, a nearly 60-fold jump in just two years.
Under the new system, text relayers and resellers must first submit outgoing messages to KISA’s X-ray check. If flagged as malicious, the message is blocked, URLs are blacklisted, and related malware is analyzed and cut off from data exfiltration. KISA emphasized that the system inspects only URLs, not message content, and does not collect personal information.
The crackdown has already shown results. According to SMTNT, a participating firm, the X-ray caught 99.9 percent of smishing attempts among 90 million scanned texts.
“New domains created within a week or a month are among the most suspicious,” said Kim Eun-sung, who leads KISA’s smishing response team. “We are intensifying monitoring to preempt threats before they spread.”
With police referrals and tighter oversight, authorities hope the system will contain one of the fastest-rising forms of cybercrime threatening South Korean consumers.
Kevin Lee (kevinlee@koreabizwire.com)
