BitFlyer Fights Back Against New Wave of Phishing Attempts
Japanese exchange platform BitFlyer is warning customers to beware an email being circulated by cybercriminals who have set up bogus phishing websites designed to look like genuine BitFlyer pages.
The company says it has become aware of an email being sent to its customers claiming that they have been frozen out of their accounts. The email’s subject line is “BitFlyer confirmation mail,” and claims that “suspicious activity has been detected” on the user’s account. The email prompts users to log in and prove their identity by following a URL link or risk having their accounts “forcibly suspended.”
This link then redirects unsuspecting customers to a fraudulent site where customers are prompted to enter their IDs and passwords – potentially allowing criminals to collect this information.
Per ZDnet Japan, the creators of the phishing site and the email have gone to great lengths to appear genuine, using authentic-looking graphics, URLs and terminology. The scheme greatly resembles a similar spate of phishing attacks on BitFlyer customers launched in November last year.
BitFlyer says it has notified the relevant authorities in an attempt to force Japanese internet providers to block the websites in question. ZDnet says that Google’s Chrome browser and several security software providers have already begun blocking the phishing sites.
Earlier this month, a report criticized Japanese exchanges for failing to respond quickly enough to emerging phishing threats – claiming that six of the exchange platforms that have obtained operating permission from Japan’s regulatory Financial Services Agency are taking “inadequate” countermeasures to phishing schemes.