AI-Driven Phishing Scams: Railway and Delivery Service Fake Websites Are Getting Harder to Spot

The sophistication of the raging phishing scam

“Your account has been temporarily suspended.”

“Update your account information and get a chance to earn up to 10,000 points!”

With various attention-grabbing phrases, phishing scams are flooding inboxes with URLs that lead victims to fake websites nearly identical to the real ones, attempting to steal credit card and personal information. Reports of suspicious emails and messages reached over 1.71 million cases in 2024 alone, setting a new record for the worst year. Makiko Morisawa from the National Consumer Affairs Center’s Consultation Division 2 explains:

“Phishing emails in the past were easy to spot because the Japanese was unnatural or the URLs looked suspicious. However, today the sentences are much more natural, and the transition to fake websites is seamless. As a result, more and more people are falling victim.”

While the methods remain traditional, they have been updated with new techniques, including the use of AI, according to IT journalist Hiroshi Mikami:

“A recent trend is that phishing emails impersonate trustworthy organizations based on current events. For example, during tax season in February and March, they pose as the National Tax Agency, and during bonus season, they impersonate electronics retailers or e-commerce sites. This adds to the realism. Delivery services are also frequently exploited.”

The pages displayed after clicking the URLs are becoming more sophisticated as well. Eiichi Kanayama, an expert from the Information-Technology Promotion Agency (IPA), expresses his outrage:

“Look at this screen for the ETC inquiry service. The specifications are identical to the real site down to the smallest details. What’s worse is that after stealing personal information, they redirect the victim to the real homepage, which shows just how malicious these scams are.”