Phishing scams exploit Japan’s digital currencies as fraud cases rise: report

Digital currencies issued by local governments in Japan are increasingly exploited by phishing scams, with scammers taking advantage of bounty programs.

A series of fraud cases have exposed security vulnerabilities in digital currencies issued by Japanese municipalities, prompting calls for stronger security measures, Japan Times has learned.

Osaka police recently arrested seven Vietnamese citizens accused of fraudulently obtaining “machikane points,” a regional digital currency used in Toyonaka City, using stolen credit card information.

The suspects allegedly took advantage of the currency’s premium rewards system, which offers up to ¥2,500 (approximately US$345) for purchases of ¥50,000 (~US$6,900) by using the same credit card across multiple accounts. Investigators estimate that the group obtained nearly half a million dollars in fraudulent bonuses in just two days. Authorities suspect other people were involved in the incident.

Similar scams have popped up elsewhere, including Kumagaya, Saitama Prefecture, where the local Kuma Pay currency was targeted. According to investigative sources, numerous municipalities across the country reported incidents, but some declined to disclose details.

Digital regional currencies designed to support local economies have grown in popularity in recent years. Data from Senshu University shows that the number of municipalities issuing such currencies increased from 32 in 2019 to 219 in 2023. But experts warn that phishing groups “tend to target newly introduced digital currencies.”

Authorities are urging municipalities to strengthen identity verification protocols and limit credit card use to those registered in the recipient’s name. However, some authorities argue that it is difficult to completely prevent phishing theft.