Japan is witnessing a significant rise in unauthorised fund transfers from corporate accounts due to sophisticated internet banking scams. Nishi-Nippon City Bank has issued an urgent advisory to its clients, particularly corporate account holders, to remain vigilant against such fraudulent activities.
According to the bank, scammers are impersonating bank representatives and contacting corporate customers under the pretext of renewing expired electronic certificates linked to their internet banking accounts.
These fraudsters use phone calls and phishing emails to deceive customers into divulging sensitive information, including IDs, passwords, and one-time passcodes.
“Fraudsters posing as bank employees have been calling corporate customers, stealing their internet banking information, and making fraudulent transfers from their accounts across the country,” the bank said in an advisory.
The scam typically begins with a phone call, sometimes automated, from individuals pretending to be bank employees. They claim the customer’s electronic banking certificate has expired and request their email address to send a renewal link.
Once victims provide their email address, they receive a phishing email containing a fraudulent link.
Cybercriminals orchestrate an elaborate deception by creating a meticulously crafted website that mimics that bank’s legitimate online platform. Through a carefully scripted social engineering approach, they manipulate victims into believing they are completing a routine account process.
By engaging victims in a seemingly helpful phone conversation, the scammers systematically extract critical authentication details, including personal account credentials and temporary verification codes.
Once they obtain these sensitive access parameters, the fraudsters swiftly initiate unauthorised financial transactions, routing stolen funds through multiple corporate bank accounts to obscure their digital trail.
Nishi-Nippon Bank urges customers to verify the identity of any caller claiming to be a bank representative by asking for their department and name. Users should also contact the bank directly through its official phone number for confirmation.
Thirdly, users should avoid clicking links or scanning QR codes in unsolicited emails or messages. Lastly, the bank cautioned customers not to share their banking credentials, including IDs, passwords, or one-time passcodes, with anyone over the phone.
Customers affected by the scam are advised to report the incident immediately to the nearest police station or contact the bank’s toll-free helpline for assistance.
“If you receive a suspicious phone call like the ones below, please respond with caution, such as by asking for the name and department of the person on the other end of the line and then calling back the bank’s main number,” the bank said.
In the News: TRAI debunks rumours of OTP delays due to new traceability rules
