Online scams: Financial Institution Account Information Being Targeted

Editorial

16:05 JST, May 9, 2026

Damage from scams in which internet banking account information is stolen and cash is fraudulently taken is spreading. The methods used are sophisticated, making it difficult to detect that they are scams. Strengthening of countermeasures must be expedited.

The number of cases of illicit remittances through internet banking reached 4,747 last year, with the amount of damage hitting a record high of ¥10.3 billion. Individuals are not the only targets, and the number of cases targeting companies surged to 189 — more than four times the previous year’s figure — pushing up the total financial loss.

Scam groups send out fraudulent emails masquerading as financial institutions, containing messages such as, “Please reregister your ID and password due to a system change.”

If a user follows the instructions in the email, they are directed to a fake website. Once an ID and other information are entered there, the scam group uses them to illicitly steal cash from the account.

In scams targeting businesses, a new method involving voices is being used in addition to emails and fake websites.

Before sending an email, scammers place automated voice calls pretending to be from entities such as the company’s bank to trick the recipient into believing the subsequent email is authentic.

There are multiple types of automated messages, such as one stating, “Transactions have been suspended because company information has not been updated for a long period.” In one instance, a single company was defrauded of more than ¥400 million. The damage is particularly noticeable among small and midsize enterprises, where vulnerabilities in anti-fraud measures were likely exploited.

Automated voice calls often originate from international phone numbers. If something seems suspicious, users should directly confirm the matter with the bank or other relevant parties rather than immediately entering IDs or other information.

The expanding damage is backgrounded by the widespread use of generative artificial intelligence.

Previously, fraudulent emails had a language barrier, as the Japanese used in them was often unnatural and easy to see through. However, the emergence of generative AI has made it possible to create natural Japanese sentences, making them harder to distinguish from legitimate ones.

Fraudulent emails attempting to steal information from companies and individuals have been confirmed around the world. One survey shows that 80% of these target Japan.

Telecommunications carriers, such as mobile phone companies and internet service providers, need to strengthen their measures against scam emails. Companies, for their part, are required to implement systems to detect and isolate suspicious emails and to ensure thorough awareness and education among their employees.

Police should deepen their cooperation with overseas investigative agencies through Interpol and do their utmost to crack down on scam groups. It is also vital to take measures such as identifying and disabling servers being used to send fraudulent emails.

(From The Yomiuri Shimbun, May 9, 2026)