3 reasons and three measures that Japan Post Bank targeted for illegal withdrawals

Damage to unauthorized withdrawals from Japan Post Bank

The "docomo account", which is a cashless payment saucer, was created with a fictitious account without the consent of the person, and the unauthorized withdrawal from local banks became a big topic.

The fact that the docomo account side can create an account only by email, and that the bank account collaboration is a system that is established if the account number, the name of the holder, and the PIN match is established.It has been easier to make withdrawal.

(However, due to the upper limit of the withdrawal amount, the damage does not mean that it is 10 million yen per person).

Since local banks basically use the same system, there is a structure that causes damage to other banks if one party is damaged, but two lines of megabank, which had originally created an account collaboration system.Does not seem to disclose the damage so far.Sumitomo Mitsui Banking Corporation requires a one -time password, and Mizuho Bank has a registered screen of Mizuho Direct (4 numbers different from the account number and the PIN) or "Enter the latest balance of your passbook".Yes, this is not possible for criminals (unless the passbook is stolen).

(Commentary page of Sumitomo Mitsui Banking Corporation / Mizuho Bank's commentary page)

There is another Japan Post Bank in a bank that has caused great damage.According to a document of Japan Post Bank announced on the 18th, there were 137 unauthorized savings withdrawal, and a total of 22.05 million yen was confirmed.Among them, the docomo account is 15.46 million yen.

9/18 About the damage status of Japan Post Bank Instant Transfer Service

これは「ドコモ口座の被害の過半数はゆうちょ銀行から生じている」ということと「ドコモ口座以外でも同種の不正出金が生じている」ということを意味します。それ以外で起きている案件はPayPay、LINEペイ、メルペイ、Kyash、ペイパルなどです。

So why is the damage from Japan Post Bank expanding?And is there no countermeasure?

Why three reasons why Yuko Bank is being targeted

第1の理由として考えられるのは、なんといっても口座数が多いということです。口座数が多いほど犯罪者にとってはチャンスも増えます。ゆうちょ銀行のホームページでは約1億2千万口座があるとしています。日本人の人口と等しいほどで、三菱UFJ銀行の個人顧客は3400万人と言われており、その差は圧倒的です(注:口座数と顧客数はイコールではないが)。

When creating a fictitious bank website on a fishing site and saying "Please enter the account number and the PIN to check the account number and the PIN", many malicious third parties are deceived by banks with a large number of accounts anyway.Become.In short, Japan Post Bank tends to be targeted for fishing sites.Entering is a misunderstanding individual, and the financial institution has not been hacked, but it may be stolen a lot of account information.

第2の理由として考えられるのは、被害の発覚に時間がかかるということです。口座数が多いということは、休眠口座がたくさんあるということ、あるいは高齢者の口座も少なくないことを意味します。実際にはほとんど利用がないが、数万円から数十万円が入ったまま、ということが中高齢者にはしばしばあります。

If you use a bank that you use everyday, you will notice that you are deducted 100,000 yen, but if you are a user who does not check the dormant account or balance, the timing of the damage will be delayed.It gives the impression that the report will continue for many days and expand.

第3の理由として考えられるのは、民営化に伴う業務拡大に焦ったという面です。民間金融機関と常に競争を求められ、電子決済で遅れをとるわけにはいかないという焦りが、単純な口座確認でOKとしていたのかもしれません(業務拡大への焦りという問題は、接続する電子マネー等の側が抱えている問題でもあります。例えば、昨年のセブンペイ問題は後発ゆえの焦りが出た案件といえます)。

There are many elderly people, and two -step authentication using smartphone SMS and apps is difficult, so they may have made an excuse for postponing because they are impatient.

By the way, considering the causes of such fraudulent troubles, the important thing is to be a realistic measure.

ゆうちょ銀行が不正出金で狙われた3つの理由と3つの対策

Countermeasures 1: Organize unnecessary accounts (tell your parents)

まず考えてみたいのは「口座の整理」です。ほとんどノータッチである銀行口座があって、でもせっかくだからと数十万円から数百万円を預けている人がいますが、こういう騒動になったとき、チェックがすぐにできない口座をたくさん持つことはあまり好ましくありません。

If unnecessary accounts are transferred to zero balance, or if you cancel at the store, the burden of unauthorized withdrawal will be reduced.

This problem, probably not very relevant to the active generation, and the worries are the pensioners (parents and grandparents).When I go back to the countryside and talk, I sometimes have a number of bank accounts for such a reason, "I leave only 1 million yen in the relationship."

If parents and grandparents get sick, their physical condition may change quickly without having to organize their accounts.I think the more elderly people, the better their accounts.Please give advice to parents and grandparents.

Countermeasures 2: Choose a bank where you will get a message at the time of withdrawal

Also, the most effective way for illegal withdrawal is to leave it to a bank that will notify you by e -mail, saying, "There was a withdrawal."When setting a mobile banking, basically register your email address.If you apply online at a major bank, you may not be able to open an account without a mail address in the first place.

Sumitomo Mitsui Banking / Shinsei Bank / Rakuten Bank

ここにあげたリンクはごく一部の銀行のものであり、多くの銀行が同種のサービスを提供しています。ただし登録をしていないとどんな便利も活用できませんので、未設定の人は自分の銀行のサービスを確認してみてください。

Local banks also provide email notification services in some banks (such as Fukuoka Bank).On the other hand, Japan Post Bank will notify you of "payment", but there seems to be no "withdrawal" setting screen.

It is convenient because it arrives automatically when such a message, deposit and withdrawal.When I drop the money at the ATM with my own intention, I think it's an extra care to receive an email saying, "I will let you know because there is a withdrawal."Nothing is so certain.

A bank that does not provide such a service can be reviewed.

Measures 3: Buy government bonds for individuals

The last countermeasure is to buy individual government bonds if you want to make a time deposit in various places.

Except for online securities, you will have to come to the store once when purchasing government bonds for individuals.In addition, it is not possible to cancel in the mobile banking menu, and it is usually necessary to cancel in the store.

つまり、誰とも会わずに不正出金をしたいとたくらむ悪者にとっては、これくらい都合の悪い金融商品はありません

There is no place to lose compared to bank deposits, regardless of interest rates or reliability (interest rates generally exceed the deposit interest rate. At least 0 years a year..05 % is guaranteed.Also, it is unlikely that the country will break and the bank will not break).

Banks can also purchase personal government bonds that are recruited every month.The hurdle is low that can be purchased from 10,000 yen.In addition, there are three years and five years of fixed -rate government bonds for individuals, and there are 10 years of floating interest rates, which revise interest rates.

Japan Post Bank also sells profitable government bonds in addition to individual government bonds (costs for 2 years, 5 years, 10 years, and 50,000 yen in units of 50,000 yen).

However, do not transfer to the money that will be withdrawn because the number of government bonds takes the number of days and the cancellation of the purchase is a minus for cancellation immediately.

Take this opportunity to think about how to get along with Japan Post Bank

今回のような、ユーザー側に過失がない不正取引については、基本的に金融機関サイドが全額を補償します。ゆうちょ銀行も一連の被害については「不正な取引により被害が発生した場合は、各事業者様と連携し、必要な調査を踏まえた上で、全額補償を行う方針です。」(ゆうちょ銀行ホームページQ&Aより)としています。二度とお金が戻らないということはないので、ここは安心してほしいと思います。

Also, as a premise of this fraudulent transaction, if the account number and PIN were collected from the phishing site, we would have passed the data to a malicious third party without knowing it.We also need to be careful (this is where we want to advise parents and grandparents).

これからも悪者と金融機関、そして私たちとのいたちごっこは続きます。そして利便性と信頼性をどうバランス良く保つかどうかの駆け引きも続くことになるでしょう。

そんな中、利用者である私たちにすぐできる対策として、今回は「口座の整理」「出金時にメールを受け取る」「個人向け国債を買う」というアイデアをご紹介しました。

If you think it can be used, please take some incorporation.

Tags: