Stock Scam Surge: Fake Brokerage Sites Steal Millions from Japanese Traders

Japanese financial authorities are warning of a sharp increase in phishing attacks targeting online securities accounts, with victims unwittingly giving scammers full and unfettered access to their investments, only to see the funds drained and used to buy other stocks.

A High-Tech Con

In the past few months, cybercriminals have been working tirelessly to deploy fake websites, spoof text messages, and creating convincing phishing emails that imitate legitimate securities companies. These scams have a simple goal: trick investors into entering their credentials on fake websites, granting attackers direct access.

Once the scammers log in, they quickly sell the victim's existing stocks or other holdings and use the money to buy other securities, often Chinese stocks.

According to the Financial Services Agency (FSA), more than 3,300 unauthorized logins and 1,450 illicit trades were recorded between February and April 2025 alone.

The total value of unauthorized sales has exceeded $330 million, and unauthorized purchases have reached $290 million.

What Are Securities Companies?

Securities companies are financial firms that help people and businesses buy and sell stocks, bonds, and mutual funds. These firms are not banks but play a critical role in the financial market. The fact that they deal directly with clients with valuable online accounts makes them a prime target for phishing.

How the Scam Works

· Phishing Message: The scam begins with an email or SMS that appears to come from an established company.
· Fake Website: The message has a link to a fake site built to look exactly like the real one.
· Credential Theft: Victims enter their ID and password, unknowingly giving attackers access to accounts and implicitly to the funds.
· Unauthorized Trades: The scammers log into the real account, sell existing assets, and buy new ones, draining funds and sometimes laundering money in the process.

Who Is Behind It?

While Japanese authorities have yet to name any suspects, the sophistication and pattern of the attacks suggest that organized cybercriminal groups might be involved. Many of the unauthorized trades ended with the purchase of Chinese stocks, raising concerns of market manipulation or money laundering.

The schemes seem too complex for run-of-the-mill cybercriminals. In some cases, scammers have used phishing to gain access, while others called victims while posing as representatives of Japanese financial companies, often using overseas contact details and servers to hide their location.

How to Protect Yourself

The Japan Securities Dealers Association (JSDA) and the FSA have issued public guidance to minimize risk:

·Enable multi-factor authentication if offered by the broker.
·Use direct links or bookmarks to access your securities company's site; never follow provided links.
·Avoid clicking links in unsolicited emails or text messages.
·Create strong, unique passwords and don't reuse them across accounts.
·Keep your software and security solutions up to date.
·Never access financial accounts on public Wi-Fi or shared devices.
·Report suspicious activity immediately to your securities company and police.