The information technology agency has discovered a new type of cybercrime in which businesses are swindled through email messages that appear to be sent by partner companies, sources said Sunday.
The four cases examined by the Information-Technology Promotion Agency involved domestic companies whose email systems had been compromised, a threat that has emerged on a global scale.
Money was stolen in two cases, but the agency withheld both the amount and the names of the companies.
According to the FBI, about 22,000 cases of this kind were reported in the United States and elsewhere between October 2013 and June 2016, causing a combined loss of about $3.1 billion. The average stolen in each case was about ¥16 million.
The FBI defines the scheme as payment fraud involving the compromise of legitimate corporate email accounts, including those belonging to a chief executive officer, for the purpose of conducting unauthorized wire transfers.
After compromising an email account — usually through human deception or malware — the criminals are able to send wire transfer instructions using either the victim’s email account or a fake one.
In the Japanese cases, the agency found that the companies’ email communications were probably intercepted. Some of the email scams originated from an address that was almost identical to the legitimate one except for one letter removed or replaced.
The agency conducted an analysis based on information provided by businesses taking part in a seven-industry information-sharing initiative that includes critical infrastructure, such as electricity and gas networks, with the aim of countering cyberattacks on those sectors.
All four cases were related to business deals involving foreign companies, and the emails requesting the fraudulent money transfers were all written in English.
In one case, a hacker sent an email noting a change in the account to which money should be sent after legitimate exchanges between Japanese and U.S. companies reached a final stage. But the Japanese company noticed an irregularity and canceled the transfer.
The agency plans to release a report about cases involving the scheme in the near future, the sources said.