A “front account” is a bank account used in financial crimes such as voice phishing, loan fraud, illegal gambling, and romance scams to temporarily receive or transfer stolen funds. While they may appear to be normal accounts on the surface, in reality, they are often controlled by criminal organizations rather than the account holder, or the account holder is unwittingly drawn into the flow of funds without realizing the criminal nature of the activity.

This article is not intended to replicate criminal methods but serves as a safety guide to help readers understand how victims are deceived and what preventive measures to take.

What Is a “Dapo” Account?

A “straw account” generally refers to an account where the registered holder is different from the actual user or controller. Here, the term “account” does not refer solely to a paper passbook. It also includes any means of access that can be used to manage the account, such as internet banking, mobile banking, debit cards, ATM cards, passwords, OTPs, and digital certificates.

Under South Korea’s Electronic Financial Transactions Act, these means are broadly classified as “access media.” Transferring access media to others, lending them in exchange for money, storing, delivering, or distributing them, or brokering or advertising such activities may be subject to punishment.

Key Definitions

Term Meaning Points to Note
Front Account An account where the registered holder and the actual controller are different Even if the account is in your name, it can become a problem if someone else uses it.
Access Medium A means of accessing an account May include passbooks, cards, passwords, OTPs, and certificates.
Account Used for Fraud An account suspected of having received or been used for proceeds from telecommunications financial fraud May be subject to payment suspension, transaction restrictions, or victim reimbursement procedures.
Mistaken Transfer A transfer sent by mistake It is safer to use the procedures provided by financial institutions or the Korea Deposit Insurance Corporation rather than attempting a direct return between individuals.

Common Methods Fraudsters Use to Obtain “Straw Accounts”

While “straw accounts” are sometimes “newly created,” in reality, they are often obtained by borrowing, stealing, or deceiving others to gain access to their accounts. The types listed below are high-risk warning signs to watch out for.

Method Surface-Level Claim Actual Risk Safe Response
Short-term, high-yield part-time job “We’ll pay you a stipend just for lending your bank account” or “account verification tasks” You may face criminal charges for lending, transferring, or providing access to your account. Never hand over your bankbook, card, password, or OTP.
Purchase代行, currency exchange, or settlement part-time jobs Transferring deposited funds to another account or delivering them in cash You may become a money mule or a money laundering conduit. If a job requires you to receive company funds into your personal account, verify the contract, business registration, and official payroll system before refusing.
Disguised as an Erroneous Transfer “I sent this to the wrong account; please transfer it back to my personal account” This could create a scheme where fraud proceeds pass through your account. Report it to the bank first and follow the official refund procedure.
Loan Processing/Credit Score Improvement “You need to build a transaction history to get a loan approved.” You may be drawn into fraudulent transactions, ghost accounts, or loan scams. Stop any requests for advance payments, repayments to third-party accounts, or proof of transaction history, and verify the matter with the official customer service center.
Personal Information Theft and Identity Theft Requests for photos of ID cards, verification codes, or remote control apps Accounts may be opened in your name without your knowledge, or your account may be hijacked. Do not share your ID card, verification codes, security cards, or app authorization requests.
Ads for Buying and Selling Accounts “Buying dormant accounts” or “Buying debit cards” This is highly likely to lead to clearly illegal transactions. Report the ad and do not contact them.

Why Do Voice Phishing Organizations Use “Straw Accounts”?

Voice phishing organizations do not receive money sent by victims directly into accounts in their own names. This is because law enforcement agencies and financial institutions can track the flow of funds and freeze payments. Therefore, they use multiple accounts as intermediate stopovers to split the stolen funds or attempt to move them through cash withdrawals, re-transfers, or the purchase of virtual assets.

The reason dummy accounts are dangerous is that even if the account holder was deceived like the victim, the account name and transaction records remain on file. In particular, if you receive money into your own account and then re-transfer it or hand it over in cash following someone else’s instructions, you may find yourself in a situation where you must prove—during investigations and financial institution reviews—whether you are a “mere victim” or a “mule or provider of a straw account.”

Under South Korean law, acts such as transferring or acquiring access media; lending, storing, delivering, or distributing access media in exchange for compensation; providing access media for the purpose of criminal use or while knowing it will be used for criminal purposes; or brokering, mediating, advertising, or soliciting such acts may constitute a violation of the Electronic Financial Transactions Act. The “Easy-to-Find Information on Everyday Laws” guide states that such violations may be punishable by up to five years in prison or a fine of up to 30 million won.

Furthermore, if a person involved in “straw account” transactions is registered as a violator of financial order, they may face disadvantages when applying for new loans, credit cards, opening bank accounts, or purchasing insurance. Guidance materials from the Financial Supervisory Service posted on “Policy Briefing” explain that information regarding violations of financial order is shared among financial institutions for a certain period and used in credit assessments, meaning adverse effects may persist for up to 12 years.

Why Simply Saying “I Didn’t Know” Isn’t Enough

In reality, scammers use language designed to make their activities sound like “legitimate part-time work,” “tax-free settlements,” “loan processing procedures,” or “company fund transfers.” However, if you transferred money received in your own account or handed it over in cash as instructed, the question may arise as to whether you had reason to suspect that the transaction was unusual.

However, it is important to distinguish between cases where your personal information was stolen and an account was opened without your knowledge, and cases where you personally handed over your bankbook, card, or password. If you suspect identity theft, report it as soon as possible to financial institutions, the police, or the Financial Supervisory Service, and preserve evidence proving that you were not involved.

Steps to Take When Receiving an Unidentified Deposit

As a general rule, do not directly return the funds even if an unknown person contacts you claiming it was a “mistaken transfer” and asks you to send it back. While it may genuinely be a mistaken transfer, it could also be an attempt to use your account as a transit point for proceeds from a crime.

  1. Take a screenshot of the deposit details, including the sender’s name, time, and amount.
  2. Immediately report the incident to the customer service center or a branch of the bank where the deposit was made.
  3. Do not transfer funds directly to any account provided by the other party.
  4. Check the bank’s guidelines for returning mistaken transfers or the Deposit Insurance Corporation’s procedures for assisting with the return of mistaken transfers.
  5. If there are signs of voice phishing, extortion, or loan fraud, report it to the police (112), the Financial Supervisory Service (1332), or the financial institution’s customer service center.

If Your Personal Information Has Been Stolen or You Suspect Identity Theft

If you have provided a photo of your ID, your Resident Registration Number, account number, password, verification code, security card, OTP, digital certificate, or remote control access to your cell phone, your account may be directly compromised or misused to open an account remotely.

Items to Check Immediately

  • Check your accounts under your name using the Integrated Account Management Service or AccountInfo.
  • Check for any unknown accounts, unknown automatic transfers, or signs of unknown card or loan applications.
  • Contact your financial institution to inquire about blocking remote account openings, restricting withdrawals, and resetting your password.
  • Delete any remote control apps, apps from unknown sources, or text-forwarding apps installed on your smartphone, and run a security scan.
  • If a copy of your ID has been leaked, check whether you can request a reissue and register with financial institutions to prevent fraud.

Checklist for Identifying “Ghost Account” Recruitment

If any of the following items apply, stop the transaction immediately and verify the situation.

  • They offer payment based on a “per-transaction fee” rather than a salary.
  • They ask you to receive an unknown payment into your account and then transfer it to another account.
  • They ask you to send loan repayments or security deposits to a personal account rather than a company account.
  • They request a photo of your ID, your account password, OTP code, or verification code.
  • They ask about your account number, whether you can provide a card, or whether you can make withdrawals before discussing the actual job details.
  • They give instructions exclusively via messaging apps like KakaoTalk or Telegram, and their official business information is unclear.
  • They say, “Never tell your bank,” “This is necessary for tax purposes,” or “It will improve your credit score.”

Prevention Guidelines

The most important rule is simple: Use your account only for purposes you have personally verified, and never give anyone the means to access your account.

Principles for Individuals

  • While you should be cautious even about sharing just your account number, providing your card, password, OTP, or verification code is especially dangerous.
  • If the source of deposited funds is unclear, do not use or transfer the money; report it to your bank first.
  • Verify loan consultations only through a financial institution’s official app, website, or customer service hotline.
  • Even if a job posting pretends to be for financial work, refuse any position that requires you to receive funds, re-transfer money, or deliver cash.
  • Share the principle of “reporting unknown deposits to the bank first” with your family as well.

Principles for Businesses and Operators

  • Do not require settlement tasks using personal accounts in job postings.
  • Process customer refunds through accounts in the business’s name and follow standard accounting procedures.
  • Do not allow employees to receive company funds into their personal accounts.
  • Document procedures for reporting suspicious transactions and internal approval processes.

Red Flags from Real-Life Cases

Case 1: A Request to Immediately Return Funds Claiming a “Mistaken Transfer”

A stranger sends 800,000 won and says, “I sent this by mistake; please send it back to this account.” If you transfer funds to the account provided by the other party, your account could be used as a conduit for the stolen funds. You should report this to your bank and return the funds according to the bank’s instructions.

Case 2: Part-time Job Offering “Purchase Agency Settlement”

A company claiming to be a shopping agency tells you that customer funds will be deposited into your personal account and instructs you to transfer the amount minus a certain fee to another account. A legitimate company would have procedures in place, such as an account in the business’s name, tax invoices, payroll payments, and contracts. A system that repeatedly routes funds through personal accounts is extremely dangerous.

Case 3: Requests for Deposits or Repayments Before Loan Approval

Someone impersonating a financial institution employee asks you to transfer your existing loan balance to a specific individual or an unfamiliar corporate account in order to approve a refinancing loan. The Financial Services Commission warns that requesting loan repayments to third-party accounts is a fraud scheme involving “ghost accounts.” You must verify the authenticity of the request through the official app or the main customer service number.

At-a-Glance Response Chart

Situation What Not to Do What to Do
Request to lend bankbook or card Accepting money and lending it out Refuse immediately and report the ad or account
Unexpected Deposit Personally forward the funds Report it to the bank’s customer service center or branch
Voice Phishing Money Transfer Scam Continue talking to the scammer Call 112 or 1332, and request a payment freeze from the financial institution
Personal Information Leak Providing Additional Verification Codes Change your password; check your account status; confirm that account opening is blocked
My Account Has Been Frozen Ignoring the issue or providing arbitrary explanations Submit evidence clarifying the facts to the bank’s incident response department

Conclusion

Straw accounts are a key tool used by criminal organizations to hide stolen funds. Statements such as “Just lend me your bank account,” “Just send me the money that was deposited,” or “It was a mistaken transfer, so please return it immediately” are all red flags. The safest course of action is to never hand over your account access credentials, never move funds from unknown sources without authorization, and always follow official procedures through the bank, police, the Financial Supervisory Service, or the Korea Deposit Insurance Corporation.