How to Avoid Online Scams and Phishing

🌍 Foreign Residents in Korea Series

Step-by-step guides for foreigners living in Korea — from address registration and visa to banking, taxes, and digital certificates.

🏠 Report a Change of Address 🪪 Immigration Certificate (ARC) 🔐 Government24 Login Options 💰 Using Hometax in Korea 📱 Register Mobile Billing

One fake email almost cost me everything — here’s how I learned to spot them.

In short

Slow down before you click or pay. Check the sender, link, and request. Protect accounts with strong passwords and 2-factor, and know quick recovery steps if something goes wrong.

Table of Contents

1. Spot Common Red Flags
2. Protect Your Accounts and Devices
3. Verify Before Sharing or Paying
4. What to Do If You Clicked or Paid

Spot Common Red Flags

Most scams use urgency, fear, or reward to push fast action. Look for these warning signs in emails, messages, calls, pop-ups, and social media posts.

• Urgent pressure: “Your account will be closed today” or “Only 5 minutes left.”
• Unusual sender or domain: misspellings, extra characters, or free webmail for “official” notices.
• Link mismatch: text shows one site, but the real URL (hover to preview) goes elsewhere.
• Attachments you didn’t expect: especially .html, .exe, .zip, or macro-enabled documents.
• Requests for secrets: passwords, 2FA codes, recovery codes, card PINs, crypto keys—legitimate services never ask.
• Payment by irreversible methods: gift cards, wire, crypto, or “friend/family” transfers.

💡 Tip If a message triggers strong emotion (fear, excitement), pause. Scammers rely on speed; your best defense is slowing down.

Protect Your Accounts and Devices

Passwords and 2-Factor

• Use a password manager to create unique, long passphrases for every site.
• Enable 2-factor authentication (2FA) using an authenticator app or hardware key; avoid SMS where possible.
• Update recovery info (backup codes, secondary email/phone) and store it safely.

Device Hygiene

• Keep OS, browsers, and apps up to date with automatic updates.
• Use reputable anti-malware and enable real-time protection.
• Turn on browser warnings for dangerous sites and downloads.
• Separate work and personal accounts and devices when possible.

Email and Messages

• Preview links by hovering (desktop) or long-pressing (mobile) before clicking.
• Block and report obvious spam; unsubscribe only from messages you recognize.
• Use aliases or unique email addresses for sign-ups to track leaks.

⚠️ Note Never share your one-time codes or recovery codes. Anyone asking is attempting account takeover.

Verify Before Sharing or Paying

Confirm the request through a trusted path you choose—not by using the links in the message.

• Out-of-band check: Contact the company using the website you type manually or a saved bookmark.
• Check the URL: Look for clear, correct domains; beware subtle misspellings or extra words.
• Invoice and job scams: Verify with a known contact before paying or sending documents.
• Marketplace and social DMs: Use built-in payment protection and avoid off-platform transfers.
• Too good to be true: Deep discounts, guaranteed returns, or instant loans are classic bait.

💡 Tip Pay with methods that offer dispute protection. Avoid gift cards, crypto, or wire transfers for first-time sellers.

What to Do If You Clicked or Paid

Act quickly to limit damage and regain control.

1. Disconnect and scan: Turn off Wi-Fi or mobile data, then run a full anti-malware scan.
2. Change passwords for any account you entered—start with email and bank accounts. Enable 2FA.
3. Revoke sessions: Sign out of all devices/sessions in account security settings.
4. Contact your payment provider to dispute unauthorized charges and request a new card if needed.
5. Monitor accounts and set alerts for sign-ins, transactions, and password changes.
6. Report the scam to the platform or service where it occurred to help block future attempts.

Frequently Asked Questions

1. Q. How can I tell if a link is safe?

   A. Hover or long-press to preview the URL. Check the domain spelling and path. When unsure, don’t click—visit the site by typing the address yourself.
2. Q. Should I use antivirus on phones?

   A. Keep the OS and apps updated first. Reputable security apps can add web protection and scanning, especially if you install from multiple sources.
3. Q. Is SMS 2FA safe?

   A. It’s better than nothing but vulnerable to SIM swap. Prefer authenticator apps or hardware keys when available.
4. Q. What’s the safest way to pay online?

   A. Use methods with buyer protection and avoid direct bank transfers, gift cards, or crypto for unverified sellers.

Notes

Note. Keep screenshots and message headers when you report scams. Evidence improves platform enforcement and helps reverse charges.

Related Reading

• How to Create Strong Passwords You Can Remember
• Enabling Two-Factor Authentication (2FA)
• Secure Online Shopping Checklist

Explore the Series

More step-by-step guides for foreigners in Korea. Browse them on the hub, or jump directly below.

🌏 View Full Series Hub

🏛 Government & Visa

• Alien Registration (ARC)
• Change of Address
• HiKorea Appointment
• Visa Extension Guide

💳 Finance & Tax

• Using Hometax
• Tax Refund Guide
• Sending Money Overseas
• Mobile Banking Setup

📱 Digital & Mobile

• Online Verification
• Government24 Login
• Digital Certificates
• PASS App Guide