Japanese Exchanges Not Doing Enough to Stop Crypto Phishing – Report
Many of Japan’s major, government-licensed cryptocurrency exchange platforms are providing “insufficient” protection against phishing schemes, potentially allowing cybercriminals to compromise their users, claims a new report.
Nikkei reports that, according to a paper published by the University of Tsukuba and investment management firm Nomura Asset Management, six of the exchange platforms that have obtained operating permission from Japan’s regulatory Financial Services Agency are taking inadequate countermeasures against online fraud and phishing schemes.
The report states that criminals are operating phishing sites, which are designed to look like genuine, licensed exchange platforms. Cyber criminals send out emails from legitimate-looking addresses, prompting unsuspecting crypto investors to click on links that take them to what appear to be legitimate exchange pages.
The sites then prompt users to enter their passwords and IDs, in an attempt to harvest this information. In worst case scenarios, say the report’s authors, there is a “distinct danger” that passwords and other login details can be stolen, allowing fraudsters to steal cryptocurrency funds.
The report states that the six companies have been “noticeably” slow in their efforts to shut down such fraudulent sites, and that in the wake of the Coincheck hack in January this year increased vigilance is needed.