Chinese man accused of stealing passwords linked to e-cigarette scam, Japan says
- Hu Aobo, 30, was arrested in Japan for unauthorised computer access and is believed to be linked to a syndicate smuggling e-cigarettes to China
- His computer contained stolen login information of over 2 million people and several fake websites offering shopping and financial products
Hu Aobo, 30, was arrested on Monday for unauthorised computer access in Kanagawa prefecture near Tokyo.
Police also found about 100 million email addresses on the device confiscated from Hu, who has denied the allegations.
Officers added Hu allegedly obtained the information through phishing or from the dark web and his computer had malware to conduct a phishing attack, NHK reported.
It also contained several fake websites offering shopping and financial products supposedly deployed to reel in personal information from unsuspected users.
Hu was in February arrested on suspicion of illegally using an individual’s Merpay mobile payment account to buy a dozen e-cigarette cartons from a Tokyo convenience store.
Thirteen Chinese nationals have been detained since last June in connection with the vaporiser scam in which Hu helmed the hacking task, police said.
Three were found guilty by a court that also heard the e-cigarette traffickers hired the Chinese citizens via social media or acquaintances.
They use images of stolen e-payment codes at convenience stores to bulk-purchase the e-cigarettes that would later be handed over to Chinese vendors for resale in China, where the Japanese product is popular.
Japan crime ring worked from Thailand, Philippines, police say
The suspects were paid up to 30,000 yen (US$218) a day, the Asahi newspaper reported.
Authorities have urged people to avoid clicking on links in emails from unknown accounts as Japan saw a sharp rise in phishing incidents over the past years.
According to the Council for Anti-phishing Japan, 960,000 phishing cases were reported last year, up about 440,000 from 2021.
The number of cyberattacks against companies and government websites has also been increasing in Japan since March, with the Tokyo Electric Power Company and a host of prefectural governments targeted by hackers.