The Japan Financial Services Agency published an updated warning and damage data showing a rapid rise in unauthorized access to securities firms’ internet trading services and third-party trades, driven by stolen customer credentials from phishing sites masquerading as legitimate brokerage websites. The agency noted the figures are provisional, based on occurrence dates reported by securities firms, and may exclude still-undetected incidents. It also cautioned that reported “sale” and “purchase” amounts represent cumulative fraudulent trade values in the compromised account and do not equate to customer losses, describing a common pattern in which fraudsters liquidate existing holdings and use proceeds to buy domestic and foreign small-cap stocks that remain in the affected account.

Recommended user measures include avoiding links in emails or SMS even from familiar senders, accessing brokerage sites via a saved bookmark, enabling firms’ security functions such as multi-factor authentication and transaction or account-change alerts, adopting phishing-resistant authentication (including passkeys) when available, using strong non-reused passwords where passwords are unavoidable, monitoring accounts and promptly changing credentials if suspicious activity is suspected, and keeping devices and anti-malware tools up to date.

The notice also points users to related warnings from the Japan Securities Dealers Association and the National Police Agency, including alerts on fake social media advertisements and phishing emails that impersonate financial institutions.
Japan Financial Services Agency 2026-02-09
Japan Financial Services Agency warns of rapidly increasing phishing-driven account takeovers and unauthorized trades in internet trading services
The Japan Financial Services Agency reported a surge in unauthorized access to securities firms' internet trading services due to stolen customer credentials from phishing sites, with fraudsters liquidating holdings to buy small-cap stocks. The agency advises users to avoid email or SMS links, use security features like multi-factor authentication, and monitor accounts for suspicious activity.