Reports have confirmed that Japan has been targeted by cybercriminals using phishing, or illegal acquisition of personal information, to steal cryptocurrencies by sending fake emails to crypto exchange users. Fake emails sent in Japanese language reportedly rose to at least 1,500 by last autumn.
Six FSA Approved Exchanges Taking Inadequate Countermeasures Against Phishing
Back in May, Bitflyer was warning its customers that fake emails used by cybercriminals were redirecting their victims to phishing websites that looked like authentic Bitflyer pages, which requested customers to enter their IDs and passwords. These were then collected by the criminals. Bitflyer received a serious business improvement order by the FSA on June 22.
A report published by the University of Tsukuba and Nomura Asset Management, an investment management company, criticized six government approved crypto exchanges saying they were operating without any solid countermeasures against online fraud and phishing schemes.
The Japanese Anti-phishing Council and the information security company Trend Micro reported that it was in November of last year that fake emails sent in the Japanese language targeting cryptocurrencies were confirmed for the first time. The two entities confirmed more than 1,500 fake emails sent in Japanese, targeting cryptocurrency exchanges. “And this is just the tip of the iceberg,” they said.
Government Collaboration is Planned
Japan Credit Information Service’s (JCIS) spokeswoman Teruko Suzuki told that JCIS has collaborated several times with the Japanese government regarding investigations on cryptocurrency related matters, but JCIS hasn’t got any official contract with government entities yet. “We are hoping to collaborate with the Japanese government entities such as the FSA, the National Police Agency, The Tokyo Metropolitan Police, or even the tax office in the future.”
In January this year, about 580 billion JPY worth of the virtual currency NEM vanished from Coincheck, a major domestic crypto exchange. In this case, fraudulent emails were sent in English to several employees of the company. It was later revealed that they were infected with viruses after opening those emails. After this major Japanese crypto heist, the FSA has been strictly inspecting Japanese crypto exchanges and reported a series of deficiencies in the internal management system, one after another.