A cybersecurity survey has found that around 20,000 fake shopping sites were in operation in the second half of this year, Japan’s National Police Agency said Thursday, warning that the sites are designed to swindle money from unsuspecting shoppers.
Most of the websites use a hyperlink with a fake ad to lead victims to a scam site, the NPA said, based on the survey by the Japan Cybercrime Control Center involving information security and online service providers.
Typically, victims are led to the fake sites after using a search engine to look for information about a product they want to buy and then clicking on a hyperlink that includes an enticing phrase, such as “brand wristwatch, high quality.”
Products featured on malicious sites include not only luxury bags and watches but also general items and sporting goods. The websites tend to be written in unnatural Japanese, according to the center.
In the period from July to earlier this month, 19,834 scam sites had been identified, the survey found.
Police are investigating 122 bank accounts designated by the sites for payment, and confirmed that so far they had received about ¥240 million ($2.1 million).
Investigators have identified online shopping scams involving 43 people, including those suspected of making their bank accounts available through the websites in violation of a law preventing the transfer of criminal proceeds.
The center submitted the outcome of the survey to the Anti-Phishing Working Group, an international organization with the task of unifying the global response to cybercrime. Steps have been taken to trigger a pop-up alert when computer users are about to connect to a scam site.
“We have yet to discover the (scammers’) methods, but hyperlinks to fake sites place top (in search results). We want users to always update their computer virus software so as not to be victimized,” said an NPA official.
NPA chief Masayoshi Sakaguchi vowed at a news conference Thursday that the police will continue to make efforts to ensure the security of cyberspace.
The center said it has confirmed in the country the existence of 272 websites that are altered versions of existing facilities such as hospitals and shops. These websites also eventually route visitors to the scam sites.
The center has warned operators of the 272 websites to fix the security flaws.
In September, the agency said Japanese authorities logged a record number of reported cybercrimes in the first half of 2017.
The police said they received 69,977 reports in the January to June period, up 4.9 percent from a year earlier and the highest since 2001 when comparable data became available.
Police data showed that the leading category of reports — comprising 36,729 cases — involved the use of fraud and other malicious businesses practices to swindle customers of online shopping sites.