According to data from the National Police Agency, the number of voice phishing crimes that occurred up to June 2025 reached 12,339 cases. This is an increase of 22.75% compared to the same period last year. At this rate, the total number of crimes in 2025 is expected to far exceed last year's figures.

Voice phishing is becoming more sophisticated by exploiting human psychology. Criminal organizations create elaborate management pages that not only capture the victim's name and phone number but also monitor call content and real-time location. The 'forced reception and transmission' function using malicious apps is fatal. Criminal organizations disguise calls as government agency numbers, and even if the victim calls the prosecution or police, they are manipulated to connect to the criminal organization. Recently, there is a trend of exploiting artificial intelligence (AI) and deepfake technology.

Financial authorities are making every effort to prevent damage, but there are limitations. It is difficult to track when criminal organizations create dummy accounts across multiple financial institutions and launder funds. For example, if money withdrawn from a suspicious account at Bank A is transferred overseas through Savings Bank B and Card Company C, it is difficult to determine whether there is damage. Even when trying to share information, they had to rely on analog methods like phone calls or faxes between responsible parties at the request of investigative agencies.

The financial authorities have established a voice phishing AI platform to standardize anti-phishing capabilities among financial companies and overcome institutional limitations. Named the 'AI-based anti-phishing Sharing & Analysis Platform (ASAP)', this platform is expected to be a turning point in preventing voice phishing damage.

'Collaborative Learning and Defense' with the Voice Phishing AI Platform

The core of ASAP is 'real-time information sharing' and 'AI pattern analysis'. Participating financial companies share information in real-time across 9 types and 90 items.

The shared information includes the following: ▲Account-related information of victims of voice phishing (14 items) ▲Account-related information used in voice phishing crimes (18 items) ▲Account-related information suspected of being used in crimes or connected to them (15 items) ▲Information on overseas accounts confirmed to be used in voice phishing crimes (8 items) ▲Other necessary information for accident identification (12 items) ▲Information confirmed with forged IDs (8 items) ▲Information presumed to be victims of voice phishing through police investigations (4 items) ▲Phishing site detection information (5 items) ▲Malicious app detection-related information (6 items).

The important part is the real-time sharing of confirmed information. Information on victim accounts, accounts confirmed to be used in crimes, and overseas accounts used in voice phishing is immediately shared with all participating institutions. For example, if an overseas account used by a criminal organization is detected by police investigations or a financial company's Fraud Detection System (FDS), related information is delivered to all 130 financial companies through ASAP at that moment. If another financial company attempts to transfer money to a suspected crime account, it can be immediately blocked.

Suspicious information is also utilized. Accounts suspected of being used in voice phishing crimes through FDS, linked accounts with frequent transactions with suspicious accounts, and suspicious transaction information identified during police investigations are all accumulated in ASAP. The data is used for analyzing the latest transaction patterns of voice phishing and developing AI detection models.



The AI detection model operates in two ways. The Financial Security Institute operates ASAP, accumulating information and developing a joint model for calculating risk indicators through AI learning with the financial sector. Financial companies can choose to directly operate the AI model or use the API (software connection interface) to detect voice phishing.

The direct operation method involves financial companies receiving the AI model developed using the latest cases accumulated in ASAP and reflecting it in their own AI infrastructure. It is suitable for large banks with AI infrastructure. The API call method utilizes the AI infrastructure of the Financial Security Institute. Financial companies can request ASAP to assess the risk of suspicious accounts, and the model evaluates the risk as high, medium, or low and responds. It is advantageous for the secondary financial sector, which finds it difficult to build AI infrastructure. The Financial Security Institute provides AI analysis information based on the information accumulated during the operation of ASAP and the AI learning model. It plans to provide it to participating institutions in the first half of 2026, adding technical completeness.

The financial authorities plan to promote the amendment of the Telecommunications Fraud Damage Refund Act in 2025, which includes the legal basis for sharing information, including personal information, and measures for damage relief for virtual assets, to concentrate and share suspicious information from the investigation and communication sectors in ASAP. Regarding the no-fault liability of financial companies, specific measures such as compensation requirements, limits, and procedures are being closely discussed with the financial sector, considering the effective relief for consumers and the acceptability of financial companies.

ASAP to Serve as the Representative Anti-Phishing Prevention and Response Infrastructure in the Financial Sector
Jokang Yoo, Team Leader of the Threat Response Team at the Financial Security Institute

The purpose of introducing ASAP is clear. It is to share fraud information detected by financial companies in real-time and to share solutions analyzed by AI to enhance response capabilities. If FDS is the private security guard of individual financial companies, ASAP is a comprehensive control center and information hub encompassing the entire financial sector. An interview was conducted with Jokang Yoo, Team Leader of the Threat Response Team at the Financial Security Institute, to hear more about ASAP.



IT Donga: The platform name ASAP seems to remind one of the meaning 'As Soon As Possible.' What aspect did you want to emphasize when naming the service?

Jokang Yoo, Team Leader: ASAP reflects the meaning of 'quickly blocking the public's voice phishing damage (As Soon As Possible).' The platform's exact name is 'AI-based Anti-phishing Sharing and Analysis Platform.' It shares phishing fraud information in real-time, responds to phishing crimes as quickly as possible, and analyzes and provides accumulated information using AI technology. The long-term goal is to advance the FDS of financial companies.

IT Donga: Unlike the Fraud Detection System (FDS), it has become a large-scale platform involving institutions, financial companies, and investigative agencies. What is the role of the Financial Security Institute in the voice phishing response system?

Jokang Yoo, Team Leader: The Financial Security Institute operates ASAP, which serves as an information hub that shares voice phishing victim accounts, fraud-use accounts, and suspicious accounts detected by financial companies in real-time. It is developed to share various voice phishing victim suspicion information and overseas accounts provided by investigative agencies. The Financial Security Institute supports financial companies in utilizing this information. Additionally, it provides related information such as phishing sites and malicious apps detected independently. The Financial Security Institute plans to focus its efforts on advancing the joint model development for calculating risk indicators through AI learning. ASAP is expected to serve as the representative anti-phishing prevention and response infrastructure in the financial sector.

IT Donga: Is there a connection between ASAP and the Fraud Detection System (FDS)? Should ASAP be seen as an expanded form of FDS?

Jokang Yoo, Team Leader: ASAP is not an expanded form of the existing FDS. FDS is a system that analyzes customers' financial transaction patterns and access information in real-time at financial companies to identify and block specific transactions with abnormal possibilities. ASAP is a platform that shares voice phishing fraud information and abnormal financial transaction-related information found by individual financial companies through FDS.

IT Donga: If it is AI-based, the quantity and quality of learning data are important. However, the voice phishing-related data handled by various institutions may have been stored in different forms. It seems that it was not easy for the Financial Security Institute to train and refine voice phishing-related data. How was heterogeneous data learned, and how was data processing conducted?

Jokang Yoo, Team Leader: In reality, if data heterogeneity is high, the detection performance of AI decreases, so we have been working on standardizing data specifications with financial companies since 2024. First, we collaborated with financial companies to select key items that can be commonly used for detecting abnormal financial transactions and requested the relevant data from each financial company. This allowed for balanced learning of normal and fraudulent transaction patterns.

IT Donga: On what criteria does ASAP's AI determine voice phishing?

Jokang Yoo, Team Leader: The AI of the Financial Security Institute's ASAP detects voice phishing through federated learning technology, which allows for comprehensive AI analysis without directly securing transaction data held by financial institutions. AI independently learns and recognizes patterns based on the characteristics and differences that appear in normal and fraudulent transactions. For example, it determines fraud based on transaction patterns such as whether ATM withdrawal limits were adjusted just before the transaction, transactions occurring at abnormal times like dawn, or multiple small transfers made in a short time.

ASAP applies a federated learning approach to analyze transaction patterns from various perspectives that are difficult for each institution to identify individually. This leads to the detection of a broader range of fraudulent transactions. It is hoped that AI analysis will make financial services in South Korea safer and more trustworthy.

IT Donga: I heard that the AI detection model is provided in both direct operation and API call methods. Why were these two methods adopted? And why is it expected that ASAP will have a positive effect on the secondary financial sector, which lacks infrastructure and development capabilities?

Jokang Yoo, Team Leader: Large financial institutions often have their own AI infrastructure. In this case, they can receive the AI detection model provided by ASAP and reflect it in their own AI infrastructure. On the other hand, some small and medium-sized financial institutions find it difficult to afford the cost of building AI infrastructure or lack efficiency compared to the cost.

The API call method is designed to allow these companies to utilize the AI detection model through the Financial Security Institute's ASAP. It operates through the Financial Security Institute's AI infrastructure, allowing financial companies to request ASAP to assess the risk of suspicious transactions. It is expected that even the secondary financial sector, which cannot build or lacks AI infrastructure, will be able to effectively respond to voice phishing by utilizing high-quality AI detection models.



IT Donga: AI learns based on past data. How does ASAP's AI respond when criminals attempt completely new types of attacks?

Jokang Yoo, Team Leader: First, the AI detection model does not simply determine the fraud status of a transaction. It provides the likelihood of fraud in the form of grades by comprehensively considering various factors such as transaction type, amount, timing, and usual transaction patterns. Even with completely new attack attempts, there is a high possibility that the transactions of deceived or extorted victims will have several contextual similarities, and the AI detection model will increase the accuracy of determining fraud based on this.

IT Donga: Is there a possibility of AI misdetection? It seems that a lot of effort was put into reducing the possibility of errors. How did you balance between 'security' in blocking voice phishing and the 'inconvenience' experienced by innocent customers?

Jokang Yoo, Team Leader: The AI detection model operates by grading transactions related to voice phishing, which enhances detection accuracy. Based on the information provided, it is up to individual financial companies to decide on response measures such as transaction blocking or enhanced monitoring. In this process, innocent customers may experience inconvenience. However, this is considered a process of protecting the customer's assets. Financial companies need institutional supplements such as applying additional identity verification measures and strengthening monitoring in situations where the possibility of voice phishing damage and crime is very high. It is also necessary for the government and financial companies to find a balance with customers through related promotions.

IT Donga: AI analysis information is expected to be provided in the first half of 2026. What is the next step for ASAP, or what are the long-term plans for advancement?

Jokang Yoo, Team Leader: Currently, ASAP is operating with a focus on the primary financial sector. It is possible for secondary financial sector institutions to join the platform and collect and utilize shared information. The Financial Security Institute aims to expand ASAP to the entire financial sector. It plans to support system integration so that secondary financial sector institutions can automatically share detected fraud and suspicious information and expand the specifications so that new types of information collected from the secondary financial sector can be incorporated into the platform.

Furthermore, plans are in place to strengthen connections with other fields such as telecommunications and investigations. It aims to support proactive responses by providing information on deception and extortion stages collected in the telecommunications field to financial companies and to expand the scope of data exchange with the integrated response team of the National Police Agency, where crime reports are concentrated. Continuous discussions are underway to connect with the platform being built by the National Police Agency. Telecommunications companies also respond to voice phishing independently, but information sharing from telecommunications companies is necessary for joint response with the financial sector.

IT Donga: Lastly, even with ASAP, what should financial consumers do to prevent crimes themselves? Please provide advice from the perspective of an expert who developed the defense system.

Jokang Yoo, Team Leader: Phishing crimes broadly consist of the stages of deception and extortion leading to the acquisition of victim funds. The response of the financial sector, including ASAP, is fundamentally focused on preventing the process of victims transferring or remitting funds. Unless it is a very special case, it is not easy for financial companies to block transactions when victims repeatedly demand transactions with strong conviction.

From the perspective of financial consumers, it is important and certain not to be deceived or threatened from the beginning. Financial consumers should always suspect the possibility of phishing crimes and pay attention to crime prevention and trend information provided by related agencies. In addition, it is important to be aware of how to respond quickly when an incident occurs and what services are provided by the National Police Agency and financial companies.

IT Donga Kang Hyung-seok Reporter (redbk@itdonga.com)

Popular News