March Net Fraud Report: Increase in Scam Sites Targeting New Life Season, Warning Issued for Phishing Impersonating au Jibun Bank
According to the March Net Fraud Report released by BBSS Inc., phishing sites targeting Japan's 'new life' season are on the rise. In addition to sites impersonating TEPCO and NTT Docomo, there was a sharp increase in those masquerading as au Jibun Bank. A new tactic impersonating the local tax portal (eLTAX) was also confirmed. The report notes that Monex Securities was the most impersonated brand and highlights the trend of scams aligning with seasons and events. To prevent damage, it urges users to avoid clicking URLs carelessly, refrain from password reuse, and install security software.
📋 Article Processing Timeline
- 📰 Published: May 21, 2026 at 00:00
- 🔍 Collected: May 20, 2026 at 16:02
- 🤖 AI Analyzed: May 20, 2026 at 22:47 (6h 44m after Collected)
The Net Fraud Report analyzes scam sites investigated and collected each month to summarize current trends.
■Increase in Scam Sites Targeting the 'New Life' Season
March tends to see an increase in phishing sites targeting the 'new life' season. Sites impersonating mobile carriers like NTT Docomo and utility companies like Tokyo Electric Power Company (TEPCO) have been confirmed. While phishing sites impersonating the National Tax Agency typically increase during this period, this year, sites impersonating the local tax portal (eLTAX), a less common target, have also been identified. This may be an attempt to capitalize on the property tax payment period from April to June.
Furthermore, illegal streaming sites related to a global baseball tournament have appeared. Illegal streaming sites for pre-tournament exhibition games were also confirmed, indicating a trend of scam sites being created in line with seasons and events, requiring caution.
■Sharp Increase in Phishing Sites Impersonating au Jibun Bank
In addition to the trends in March, phishing sites impersonating au Jibun Bank have continued to surge into April. Methods have been confirmed that use SMS and email to steal information such as 'customer numbers' and 'login passwords'. Recently, phishing sites have been impersonating not only major banks but also a variety of financial institutions, including regional and online banks. In March, phishing scams impersonating Nagoya Bank also rose sharply. It is likely that phishing attempts targeting various banks will continue to increase.
■Phishing Site Brand Ranking
In March, phishing sites impersonating Monex Securities were most frequently confirmed. Although phishing targeting securities firms overall is on a downward trend, the level for Monex Securities remains high, requiring continued vigilance. Additionally, phishing sites impersonating Nagoya Bank were newly confirmed at 8th place, showing a trend of targeting not just major banks but also regional ones.
■Phishing Site Composition by Category
In March, the proportion of stock and securities-related phishing sites increased due to the rise in sites targeting Monex Securities. Credit card-related phishing is also reported in large numbers every month and requires caution.
■Tips to Prevent Phishing Damage
・Verify if URLs in emails/SMS are legitimate: Do not click on links in messages. Access official sites through pre-registered bookmarks or web searches.
・Be cautious of emails/SMS prompting for personal or credit card information: Credit card companies do not ask for personal information via email/SMS, so be extremely wary of messages directing you to pages that request such input.
・Avoid reusing login IDs and passwords: Using the same credentials across multiple services increases the risk of unauthorized access to other services if your information is stolen. Use different credentials for each service.
・Install security software: Criminal tactics are becoming more sophisticated. Security software can provide warnings when you access suspicious sites.
■Free Scam Site Diagnosis with 'Scam Site Checker'
To check the safety of a suspicious site, you can use the free 'Scam Site Checker' (https://checker.miyabull.jp/). It makes judgments based on a blacklist compiled from the 'Miyabull' anti-net fraud software and public authorities.
■Comments from Professor Tatsuya Mori
What is particularly noteworthy in March is the new appearance of phishing sites impersonating the local tax portal (eLTAX). This appears to be related to the significant decrease in attacks impersonating the National Tax Agency after the tax filing season, suggesting a planned tactic of switching targets to align with the next payment period. The structure of applying psychological pressure with phrases like 'unpaid' or 'seizure notice' is likely to continue.
The emergence of illegal streaming sites for the WBC even before the tournament and the expansion of targets in the financial sector to include au Jibun Bank and Nagoya Bank are also characteristic. These moves target areas 'just before demand arises' and 'where vigilance is relatively low.'
From April onwards, phishing scams are expected to piggyback on local tax payment notices, Golden Week travel demand, bank account openings for new students and workers, and impersonations of electric companies heading into summer. It is crucial for users not to access sites directly from links in SMS/email, but to use official apps or bookmarks, and to pause and verify with official channels when faced with urgent language. I hope you will share the contents of this report with your family and friends to stay ahead of attackers' tactics.
■Supervisor Profile
Tatsuya Mori, Professor, Faculty of Science and Engineering, Waseda University.
■Increase in Scam Sites Targeting the 'New Life' Season
March tends to see an increase in phishing sites targeting the 'new life' season. Sites impersonating mobile carriers like NTT Docomo and utility companies like Tokyo Electric Power Company (TEPCO) have been confirmed. While phishing sites impersonating the National Tax Agency typically increase during this period, this year, sites impersonating the local tax portal (eLTAX), a less common target, have also been identified. This may be an attempt to capitalize on the property tax payment period from April to June.
Furthermore, illegal streaming sites related to a global baseball tournament have appeared. Illegal streaming sites for pre-tournament exhibition games were also confirmed, indicating a trend of scam sites being created in line with seasons and events, requiring caution.
■Sharp Increase in Phishing Sites Impersonating au Jibun Bank
In addition to the trends in March, phishing sites impersonating au Jibun Bank have continued to surge into April. Methods have been confirmed that use SMS and email to steal information such as 'customer numbers' and 'login passwords'. Recently, phishing sites have been impersonating not only major banks but also a variety of financial institutions, including regional and online banks. In March, phishing scams impersonating Nagoya Bank also rose sharply. It is likely that phishing attempts targeting various banks will continue to increase.
■Phishing Site Brand Ranking
In March, phishing sites impersonating Monex Securities were most frequently confirmed. Although phishing targeting securities firms overall is on a downward trend, the level for Monex Securities remains high, requiring continued vigilance. Additionally, phishing sites impersonating Nagoya Bank were newly confirmed at 8th place, showing a trend of targeting not just major banks but also regional ones.
■Phishing Site Composition by Category
In March, the proportion of stock and securities-related phishing sites increased due to the rise in sites targeting Monex Securities. Credit card-related phishing is also reported in large numbers every month and requires caution.
■Tips to Prevent Phishing Damage
・Verify if URLs in emails/SMS are legitimate: Do not click on links in messages. Access official sites through pre-registered bookmarks or web searches.
・Be cautious of emails/SMS prompting for personal or credit card information: Credit card companies do not ask for personal information via email/SMS, so be extremely wary of messages directing you to pages that request such input.
・Avoid reusing login IDs and passwords: Using the same credentials across multiple services increases the risk of unauthorized access to other services if your information is stolen. Use different credentials for each service.
・Install security software: Criminal tactics are becoming more sophisticated. Security software can provide warnings when you access suspicious sites.
■Free Scam Site Diagnosis with 'Scam Site Checker'
To check the safety of a suspicious site, you can use the free 'Scam Site Checker' (https://checker.miyabull.jp/). It makes judgments based on a blacklist compiled from the 'Miyabull' anti-net fraud software and public authorities.
■Comments from Professor Tatsuya Mori
What is particularly noteworthy in March is the new appearance of phishing sites impersonating the local tax portal (eLTAX). This appears to be related to the significant decrease in attacks impersonating the National Tax Agency after the tax filing season, suggesting a planned tactic of switching targets to align with the next payment period. The structure of applying psychological pressure with phrases like 'unpaid' or 'seizure notice' is likely to continue.
The emergence of illegal streaming sites for the WBC even before the tournament and the expansion of targets in the financial sector to include au Jibun Bank and Nagoya Bank are also characteristic. These moves target areas 'just before demand arises' and 'where vigilance is relatively low.'
From April onwards, phishing scams are expected to piggyback on local tax payment notices, Golden Week travel demand, bank account openings for new students and workers, and impersonations of electric companies heading into summer. It is crucial for users not to access sites directly from links in SMS/email, but to use official apps or bookmarks, and to pause and verify with official channels when faced with urgent language. I hope you will share the contents of this report with your family and friends to stay ahead of attackers' tactics.
■Supervisor Profile
Tatsuya Mori, Professor, Faculty of Science and Engineering, Waseda University.