Authorities in Japan conduct collaborative investigation on securities account hijackings

May 31, 2025

Tokyo authorities have come together to investigate a series of incidents involving hacked securities accounts, where unauthorized stock trading took place. The Metropolitan Police Department, along with the National Police Agency’s cyber unit and the Securities and Exchange Surveillance Commission, are working together to probe suspected cases of unauthorized access and market manipulation. This scheme involved the purchase of specific stocks to artificially inflate their prices, allowing criminal groups to secure profits.

Over a span of about four months starting from January, the Financial Services Agency reported over 3,500 cases of fraudulent transactions, totaling more than 300 billion yen in unauthorized trades. The victims of these crimes were spread throughout Japan, with many falling prey to phishing scams. Attackers would send emails disguised as securities firms, leading individuals to fake websites where they would unsuspectingly enter personal information. In more sophisticated cases, malware was used to steal login credentials.

Once the hackers gained access to the compromised accounts, they would sell off stocks in the victims’ portfolios to generate funds. These funds would then be used to purchase shares in specific companies that the criminal group already held, causing the stock prices to rise artificially. The fraudsters would then quickly sell off their shares at the inflated price, leaving the legitimate account holders with significant losses.

Reports from the Japan Securities Dealers Association revealed that account hijacking had occurred at 16 securities firms, with major players like Nomura Securities Co and SBI Securities Co among the affected companies. The scale and complexity of these fraudulent activities have raised concerns within the financial sector and prompted a collaborative effort among law enforcement and regulatory agencies to uncover and prevent further occurrences of such crimes.

The investigation into these securities account hijackings serves as a reminder of the importance of vigilance and cybersecurity measures in the digital age. Individuals and organizations are urged to remain cautious of suspicious emails and websites, as well as to implement robust security protocols to protect sensitive information and financial assets. By raising awareness and strengthening cybersecurity practices, the authorities aim to deter future criminal activities and safeguard the integrity of the financial markets.