The Japan Credit Association has compiled and announced the results of a survey that found that the amount of damage caused by fraudulent use of credit cards in one year last year exceeded 1 billion, the worst ever.

According to the Japan Credit Association, the amount of damage caused by fraudulent use of credit cards in the past year increased by more than 1 billion yen from the adult to 100.436 billion yen, the worst ever since 7000, when statistics were first compiled.

The breakdown shows that damage caused by "number theft" in which illegally obtained card numbers are used accounted for 1997.411 billion yen, accounting for 7000.94% of the total.

One of the reasons for this is believed to be an increase in "phishing scams" that lead to fake websites and steal card numbers, passwords, etc.

According to the Anti-Phishing Council, 3,1 cases of phishing scams were reported in one year last year, an increase of 96,8832 cases from adults, and the highest number of reports ever.

As a recent trend, SMS = A type of phishing called "smishing" that leads from the URL displayed in the short message is used to disguise fraudulent notification of the courier service or pretend to be a customs bureau.

In addition, phishing emails pretending to be credit card companies, banks, and electricity and gas companies are also increasing, so the Anti-Phishing Council said, "It is a time when there is a lot of movement of people, such as transfers, joining the company, and moving, so you need to be especially careful." Log in to the service from a legitimate app or bookmarked URL to verify your information."

In addition to phishing, which enters personal information into fake websites, there are also cases where personal information such as card numbers are leaked without the victim being aware of it.

This is a case where a site that made a payment with a credit card in the past was hacked from the outside, and personal information such as credit card number was leaked.

Leaked personal information may be bought and sold on the black market = black market on the Internet and SNS, and may be misused by criminal groups.

It is necessary to take action as soon as possible, such as checking your usage details in detail to see if there are any payments that you do not recognize, and contacting your credit card company to stop using them if there is an abnormal payment.

Credit card companies take measures

One of the measures that credit card companies are working on is to detect phishing sites that claim to be their companies and have them report them.

Even if a phishing site appears, the aim is to reduce the damage by responding at an early stage.

When a phishing site is launched at a request from a financial institution, a security company in Tokyo immediately detects it, provides information such as the URL of the site to the requesting company, and then requests the Internet service provider where the site is set up or the domain operating company to close it.

The detection mechanism is to "independently score the IP address, image, URL, etc. of the site according to the degree of suspicion" and grasp the site that has reached a certain score as a "phishing site" in almost real time.

When a phishing site is detected, an image of the phishing site is displayed on the system screen along with data describing the date and time of detection, URL, domain information, etc.

When I showed him the history of the day I visited for the interview, I found that after 1 a.m., a phishing site from the same credit card company was up one after another every few minutes to tens of minutes.

In addition, in the history a few days ago, phishing sites of major credit card companies such as JCB were also detected, and the displayed URL led to a login screen that looked exactly like a legitimate site.

During the interview, phishing sites pretending to be banks and major EC sites were detected, and it became clear that many phishing sites were launched every day.

According to security companies, phishing sites have waves, but sometimes thousands of phishing sites can be detected in one day.

Megumi Saruta, sales and public relations group manager of the security company Axion, said, "Currently, there are many phishing sites, and it sometimes takes time to close, and the criminals are also devising ways to bypass the detection system. It's also a weasel game."