A surge in cyberattacks has affected Japan’s onlinetrading sector, as hijackers continue to compromise brokerage accounts andexecute fraudulent trades worth hundreds of billions of yen. The Financial Services Agency (FSA) has raised thealarm over the scale of the attacks, which have spiked sharply since March andshow no sign of slowing.Fraud Totals Reach Alarming LevelsIn May alone, hackers executed 2,289 unauthorizedtransactions totaling approximately ¥200 billion. Although this marks a declinefrom April’s figures, 2,910 cases and ¥290 billion in fraudulent activity, thenumbers remain high compared to historical norms. Over just three months, March to May, fraudulenttrades exceeded ¥500 billion across nearly 6,000 incidents. The scope of theattacks underscores how cybercriminals are exploiting security vulnerabilitiesin online brokerage systems to take control of customer accounts. Once inside, hackers typically sell off the assets inthe account and use the proceeds to purchase low-liquidity stocks, many ofwhich they likely own, to inflate prices artificially.The Japan Securities Dealers Association confirmedthat 16 brokerage firms have reported account hijackings. While major firmswere the initial targets, attackers are now increasingly shifting their focusto smaller brokerages, where cybersecurity protections may be weaker.Hackers reportedly use phishing emails, malware, andspoofed websites to steal user credentials. These techniques allow them tobypass login protections, particularly at firms that do not enforce multifactorauthentication.Push for Stronger ProtectionsIn response to the growing threat, 76 brokerages havecommitted to making multifactor authentication mandatory for trading. However,the rollout remains uneven, and full implementation will take time. Until then,user accounts remain exposed to potential compromise.Multifactor authentication typically involvesrequiring a second verification step, such as a one-time code sent via text orgenerated through an authentication app. While effective, the added layer of protection isstill optional for many users, a gap hackers continue to exploit. The FSA hasurged investors to take basic precautions: avoid reusing passwords, regularlyupdate software, and install anti-malware programs.The agency also warned that the official numbers mayunderestimate the true scale of the fraud, as some unauthorized transactionsmight not yet be discovered or reported.This article was written by Jared Kirui at www.financemagnates.com.