Securities account hijackings on the rise in Japan

June 2, 2025

The increase in securities account hijackings has become a prevalent issue in Tokyo, as authorities are looking into a string of incidents where perpetrators steal ID and password information to carry out illegal stock transactions. According to police reports, there have been 3,505 cases of unauthorized transactions that have accumulated a trade value of over 300 billion yen, equivalent to approximately 2 billion dollars so far this year.

Among the victims affected by these cybercrimes is an elderly man residing in Osaka, who fell victim to online securities account fraud when an unknown individual obtained his login credentials. The culprit then proceeded to conduct more than 300 illicit stock trades using the stolen information, resulting in a loss of 27 million yen for the Osaka resident. The man, who had assets valued at over 36 million yen, expressed bewilderment, stating, “I was puzzled because I didn’t know how my password was stolen. The stolen stocks were meant to serve as a financial safety net after my retirement. I feel desperate now and don’t know what to do.”

In a trend observed last December, there has been a significant rise in fraud cases involving individuals being enticed by deceptive emails to fraudulent websites impersonating legitimate securities firms. Cybersecurity experts from Macnica have noted that Japan is a hotspot for such fraudulent activities, emphasizing the difficulty in distinguishing fake websites from real ones upon first glance.

An analysis conducted by Macnica revealed that the price fluctuations and trading volumes of stocks from three Chinese companies involved in fraudulent transactions experienced sudden peaks followed by sharp declines within a short timeframe. This pattern suggested that the criminal groups behind these hijackings were artificially inflating stock prices to subsequently sell them at a profit.

Investigator Fukasawa Atsushi, from the Securities and Exchange Surveillance Commission, highlighted the challenge in identifying these criminal syndicates, given the unconventional nature of their fraudulent methods. Atsushi pointed out that tracking transaction records is ineffective in these cases, as the perpetrators remain unidentifiable.

Further investigations by Macnica into the coding of fake websites unveiled traces of Chinese characters, indicating potential links to Chinese cybercriminals. This discovery implies that attackers might be recycling data from previous phishing attempts in crafting new fraudulent schemes.

Ngo Minh Hieu, a cybersecurity expert, emphasized Japan’s susceptibility to such cybercrimes due to the country’s linguistic uniqueness being overcome by generative AI technology and inadequate security awareness. Hieu emphasized that creating counterfeit phishing sites in Japanese has become effortless with AI advancements, making Japan an attractive and profitable target for attackers.

In response to the escalating scourge of securities account hijackings, major firms have started compensating victims affected by these fraudulent activities. Additionally, firms are looking at enhancing security measures by mandating multi-factor authentication log-in systems to fortify their defenses against cyber threats.

To shield against falling victim to these cybercrimes, experts recommend adopting security practices such as avoiding the reuse of passwords across different websites, implementing multi-factor authentication on financial platforms, and refraining from clicking on suspicious URLs embedded in emails prompting personal information disclosure.