Japan’s FSA warns of unauthorized trades via stolen credentials from fake security firms’ sites

Pierluigi Paganini
April 22, 2025

Japan’s Financial Services Agency (FSA) warns of hundreds of millions in unauthorized trades linked to hacked brokerage accounts.

Japan’s Financial Services Agency (FSA) reported that the damage caused by unauthorized access to and transactions on internet trading services is increasing.

“There has been a sharp increase in the number of cases of unauthorized access and unauthorized trading (trading by third parties) on Internet trading services using stolen customer information (login IDs, passwords, etc.) from fake websites (phishing sites) disguised as websites of real securities companies,” reads the FSA’s alert.

The FSA warns that cases of unauthorized trading on online trading platforms, carried out with login data stolen through phishing sites that mimic real securities firms, are sharply increasing.

Below is data provided by the agency. It reflects only currently known cases of unauthorized access and fraudulent trading; more undiscovered incidents may exist.

| When did it occur? | February 2025 | March 2025 | April 2025 (as of the 16th) | 3 months total |
|---|---|---|---|---|
| Number of securities firms where fraudulent transactions occurred | 2 | 4 | 6 | |
| Number of unauthorized accesses | 43 | 1,422 | 1,847 | 3,312 |
| Number of fraudulent transactions | 33 | 685 | 736 | 1,454 |
| Sale price | Approximately 100 million yen | Approximately 13.1 billion yen | Approximately 37.4 billion yen | Approximately 50.6 billion yen |
| Purchase price | Approximately 30 million yen | Approximately 12.8 billion yen | Approximately 32 billion yen | Approximately 44.8 billion yen |

Typically, attackers hijack victim accounts, sell held stocks, and use the proceeds to buy assets like Chinese stocks, which remain in the account post-attack. Reported sales and purchase amounts represent total transaction volumes, not customer losses.

To avoid falling victim to unauthorized trading caused by stolen login credentials, users should follow key precautions: never click links in emails or SMS, always access brokerage sites via pre-saved bookmarks, and enable security features like multi-factor authentication and login notifications. Avoid password reuse, choose complex passwords, and check account activity often. If you suspect fraud, change passwords and contact your brokerage immediately. Keeping devices updated and using reliable antivirus software also helps prevent malware-related data theft.

Japan’s Financial Services Agency (FSA) recommends checking the warning issued by the Japan Securities Dealers Association regarding matters to be aware of when using securities companies’ online trading services.
