There were 33 cases of virtual currency accounts being fraudulently accessed and then transferred to other accounts for a total loss of some 76.5 million yen from January to July this year, an investigation by the National Police Agency (NPA) has revealed.
The NPA began receiving reports of fraudulent transfers of virtual currencies, those that exist only on the internet such as "bitcoin" and "ripple," from the accounts of several individuals beginning in May this year, and the NPA has just released a summary of the damages for the first time.
According to the NPA, the 33 fraud cases are composed of one case in February 2017, eight in May, 14 in June, and 10 in July. Additionally, damages by virtual currency up to June 2017 were the most for ripple, at 29.6 million yen, followed by bitcoin at nearly 29.3 million yen. Damages in other currencies Ethereum and NEM amounted to 200,000 yen and 100,000 yen, respectively, among others.
To login to virtual currency accounts, a password and other means of verification are required. However, it appears that some methods were used to fraudulently access the accounts and transfer money to other accounts without permission. Police say there is a possibility that the virtual money was converted to cash, perhaps overseas.
Of the 23 cases during the first half of the year, from January to June, the accounts in 20 of the cases did not use a two-step verification process that is a useful tool in preventing fraudulent access.
In addition, the NPA also reported that there were 36 cases nationwide of damage from the ransom money-requesting virus "Ransomware," which infected systems worldwide this May. In all of the cases, the virus encrypted the data of computers and other devices and demanded virtual currency or other funds in exchange for cracking the code, but there were reportedly no cases in which the ransom money was paid.
"You should of course have anti-virus software installed, and it is an absolute must to make use of not only IDs and passwords, but also two-step verification systems to further increase security measures," emphasized Keiichi Hida, an executive director of Japan Blockchain Association, composed of virtual currency exchange operators and other companies, about how to prevent fraudulent account access.
Of virtual currency exchange operators, "There is a need to create a more secure environment for users by making progress in areas such as locking accounts temporarily if the password is entered incorrectly several times, encrypting user passwords in preparation for cases of hacking," Hida said.