Thursday, May 8, 2025
Homecyber securityNew Phishing Campaign Targets Investors to Steal Login Credentials

New Phishing Campaign Targets Investors to Steal Login Credentials

Published on

SIEM as a Service

Follow Us on Google News

Symantec has recently identified a sophisticated phishing campaign targeting users of Monex Securities (マネックス証券), a prominent online securities company in Japan formed through the merger of Monex, Inc. and Nikko Beans, Inc.

The company provides individual investors with a range of financial services, making it an attractive target for cybercriminals.

The phishing operation involves the use of randomly generated alphanumeric domains with the .cn top-level domain, all impersonating Monex Securities.

- Advertisement - Google News

These domains include the keyword “monex” in the first directory of the URL (e.g., ijnlu[.]cn/monex) to create a sense of legitimacy.

The phishing emails, disguised as official notifications from Monex Securities, aim to deceive recipients into clicking on malicious URLs by requesting confirmation and updates of account information.

The subject line used in these emails reads:

【マネックス証券】登録情報の確認および更新のお願い
(Translated: “[Monex Securities] Request to confirm and update registered information”)

Upon clicking the embedded link, users are redirected to a fraudulent Monex Securities login page designed to harvest their credentials.

Once attackers gain access to the victim’s account, they can exploit sensitive financial information and potentially carry out unauthorized transactions.

Technical Measures

According to the Report, Symantec has implemented robust countermeasures to protect users from this threat. Email security products under Symantec’s portfolio have been updated to detect and block these phishing attempts effectively.

Additionally, Symantec’s Email Threat Isolation (ETI) technology provides an added layer of defense by isolating malicious links and preventing users from interacting with harmful content.

On the web front, all observed phishing domains and IPs have been categorized under security filters in WebPulse-enabled products, ensuring that users are shielded from accessing these fraudulent websites.

These proactive measures are designed to mitigate risks and safeguard customer accounts against credential theft.

Implications for Investors

This phishing campaign underscores the growing sophistication of cybercriminals targeting financial institutions and their customers.

Investors are advised to remain vigilant when receiving unsolicited emails requesting personal or account-related information.

It is critical to verify the authenticity of such messages through official channels before taking any action.

Monex Securities users should ensure their accounts are secure by enabling multi-factor authentication (MFA) and regularly updating their passwords.

Additionally, organizations like Symantec continue to play a vital role in combating cyber threats by deploying advanced security solutions tailored for email and web-based attacks.

As phishing campaigns evolve, awareness and adherence to cybersecurity best practices remain essential for individuals and institutions alike.

Find this News Interesting! Follow us on Google NewsLinkedIn, & X to Get Instant Updates!

Aman Mishra
Aman Mishra
Aman Mishra is a Security and privacy Reporter covering various data breach, cyber crime, malware, & vulnerability.

Latest articles

Top Ransomware Groups Target Financial Sector, 406 Incidents Revealed

Flashpoint analysts have reported that between April 2024 and April 2025, the financial sector...

Agenda Ransomware Group Enhances Tactics with SmokeLoader and NETXLOADER

The Agenda ransomware group, also known as Qilin, has been reported to intensify its...

SpyCloud Analysis Reveals 94% of Fortune 50 Companies Have Employee Data Exposed in Phishing Attacks

SpyCloud, the leading identity threat protection company, today released an analysis of nearly 6...

PoC Tool Released to Detect Servers Affected by Critical Apache Parquet Vulnerability

F5 Labs has released a new proof-of-concept (PoC) tool designed to help organizations detect...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Top Ransomware Groups Target Financial Sector, 406 Incidents Revealed

Flashpoint analysts have reported that between April 2024 and April 2025, the financial sector...

Agenda Ransomware Group Enhances Tactics with SmokeLoader and NETXLOADER

The Agenda ransomware group, also known as Qilin, has been reported to intensify its...

PoC Tool Released to Detect Servers Affected by Critical Apache Parquet Vulnerability

F5 Labs has released a new proof-of-concept (PoC) tool designed to help organizations detect...