#Securities #Phishing #internet fraud

The Alarming Surge in Phishing Attacks in 2025

The Internet Fraud Report of 2025 presents a concerning trend: a staggering 960-fold increase in phishing attacks targeting securities firms, attributed to the new NISA started in January 2024. This has led to a surge in individuals opening securities accounts, making them prime targets for hackers. The total financial loss due to fraud has soared to over 700 billion yen.

Surge in Phishing Tactics

Hackers have exploited various vulnerabilities, particularly with real-time phishing techniques, where users are prompted to enter their authentication codes on fake websites. Attackers then immediately use these codes to access genuine accounts. SBI Securities and Monex Securities have seen notable rises in phishing attacks imitating their platforms, with almost all securities companies under threat.

In addition to phishing, over 80% of internet fraud cases involve fake sales sites, often leading to potential risks such as receiving non-existent products, poor-quality items, or personal information theft. While phishing-related complaints have decreased, the rise in better-designed phishing sites has led to a reported 60% increase in actual phishing cases.

Phishing Categories and Trends of 2025

When categorized, Web services topped the phishing fraud list, making up 26% of cases, including attacks impersonating Apple ID and Tokyo Electric Power Company (TEPCO). Credit card-related phishing ranked second, impersonating brands like Mitsui Sumitomo Card and Rakuten Card. Securities fraud followed closely behind, reflecting a significant uptick compared to the previous year.

Brand Ranking in Phishing Attacks

Notably, phishing targeting Apple ID topped the charts, with its consistent appeal. Phishing sites imitating SBI Securities and Monex Securities took second and fifth place, respectively. Additionally, phishing scams using bureaucratic authority, like those imitating the National Tax Agency, spiked during tax season, highlighting the tactic of seasonal social awareness.

Threat Detection Trends

Throughout 2025, the anti-fraud software Miyabull detected 145,354,170 fraudulent and fake sites, marking a 43% increase from the previous year, with illegal upload and fake sales sites seeing significant growth. This trend is anticipated to persist into 2026.

The Evolving Nature of Phishing Attacks

The sophistication of phishing scams has increased, with attackers employing more natural-sounding emails, aided by AI technology, which makes it harder for recipients to distinguish genuine messages from fraudulent ones. Furthermore, phishing attempts now often include misleading authentication screens, greatly heightening the risk of users mistakenly trusting fake sites.

To mitigate these risks, it is crucial to remain vigilant. Users are urged to verify URL authenticity before clicking any links in emails or text messages. The best practice is to access websites directly via bookmarks or secure searches.

Critical points in preventing phishing scams include:
1. Avoid clicking on links from unknown sources: Always navigate to official sites directly.
2. Be cautious of requests for sensitive information: Genuine companies will not ask you to input personal information via email or SMS.
3. Use unique passwords: Avoid reusing login credentials across multiple sites to reduce the risk in case of a breach.
4. Implement security software: Having robust cybersecurity measures in place helps protect against evolving fraud tactics.
5. **Utilize free services like