A new and advanced cyber threat targeting NFC (Near Field Communication) payment technology is spreading quickly, prompting urgent warnings from financial authorities in South Korea. The Financial Security Institute (FSI) issued a press release revealing that cybercriminals are exploiting NFC-based payment systems to steal transaction data in real time, enabling unauthorized payments and withdrawals.
Unlike traditional fraud schemes that typically rely on stolen card information, such as card numbers and authentication codes, this new threat intercepts payment data generated by smartphones with NFC capabilities. The stolen credentials are then used instantly to carry out financial fraud. The growing adoption of NFC-based services like Apple Pay in South Korea has widened the attack surface, increasing the risk to consumers.
The FSI stressed that NFC-based scams, when combined with phishing attacks, can cause severe financial losses for unsuspecting users. The Institute recently analyzed a series of overseas incidents in which Korean financial customers were targeted by this type of fraud. In response, it has shared vital threat intelligence—such as information on malicious apps and their distribution channels—with domestic financial institutions.
One documented case highlights the seriousness of this threat. A working professional, identified only as Mr. A, received a text message claiming to offer a tax refund. The message contained a malicious URL, which Mr. A clicked. Believing the site was legitimate, he entered his personal banking information in an attempt to claim the supposed refund.
Shortly after, Mr. A received a call from someone posing as a bank employee. The caller claimed that his account had been compromised during the refund process and urged him to take immediate security measures. This included installing a provided app and updating his PIN. Unaware of the scam, Mr. A complied, downloading a fraudulent banking app designed to mimic his bank’s official interface.
Following the instructions in the malicious app, Mr. A activated his phone’s NFC feature and tapped his credit card against the back of the device, thinking he was completing a security verification process. In reality, the app secretly transmitted his payment data and updated PIN to the attackers. Using the stolen information, the cybercriminals replicated the card’s NFC credentials on their own device and conducted unauthorized withdrawals.
While Korean financial institutions often require additional authentication—such as biometric verification or PIN entry—for NFC payments, these safeguards can be bypassed if credentials are stolen via malware. NFC transactions typically rely on encrypted, single-use tokens and cryptograms, which are designed to provide a robust layer of security. However, attackers’ ability to manipulate users into overriding or bypassing these security protocols poses a significant and escalating threat.
In response, the FSI is calling on financial institutions to bolster their fraud detection systems and improve real-time monitoring of suspicious transactions involving NFC payments. Furthermore, consumers are being strongly advised to remain vigilant, especially when receiving text messages containing unfamiliar links or handling unsolicited calls requesting personal information or unconventional actions—such as tapping credit cards against smartphones.
FSI CEO Park Sang-won emphasized the need for collective vigilance in combating NFC-related fraud. “As NFC payments become more prevalent in the Korean financial ecosystem, both financial companies and consumers must stay highly alert to the increasingly intelligent and sophisticated nature of these scams,” he stated. “The Institute remains committed to closely monitoring and analyzing emerging cyber threats to safeguard a secure digital financial environment for everyone.”
Related article: South Korea’s financial security institute leverages AI for fraud detection
On Thursday, South Korea’s Financial Security Institute (FSI) announced proactive measures to enhance the security and reliability of artificial intelligence applications in the financial sector.
This initiative aims not only to identify security vulnerabilities but also to enhance the capacity of institutions to detect fraud.
As AI-driven financial services become more widespread, concerns about security vulnerabilities, data breaches, and biased decision-making are on the rise. In response, the FSI has launched the initiative to assess the security measures of firms designated as innovative service providers by South Korea’s Financial Services Commission, the nation’s top financial regulator.
Editor’s note: This article was initially written by ChatGPT-4o based on the author’s specific instructions, which included news judgment, fact-checking, and thorough editing before publication.