The number of phishing attacks against Japanese companies and individuals, disguised as emails from legitimate big firms, was down by over 70 per cent during China’s Lunar New Year holidays in February, according to a US cybersecurity firm.
The attacks were potentially carried out systematically from China, with an official from cybersecurity company Proofpoint saying the finding suggested “hackers may observe the Lunar New Year as well”.
If recipients visit fake websites via links in the phishing emails, personal information, such as credit card numbers, as well as client data in the case of companies, could be stolen.
In February and March, Proofpoint analysed malicious emails received by its Japanese clients that looked as if they were sent from household names such as online shopping platform Amazon, tech giant Microsoft and digital payment app PayPay, among others.
The result showed that the volume of phishing emails plunged to around 350,000 per day during the Feb 15 to Feb 23 public holidays in China in 2026, compared with about 1.3 million mails a day on average between late January and early February.
It was also noticed that there were more phishing attacks on weekdays than on Saturdays and Sundays even after the holidays.
“It is highly likely that these hackers work with a set schedule – coming to work on weekdays and resting on weekends and holidays, just like typical corporate employees,” said Ms Yukimi Sota of Proofpoint, who took part in the analysis.
Proofpoint found traces of the Chinese language being used in the emails. It also observed that many of the emails were sent between around 9am and 5 pm Beijing time.
Since the Chinese writing system and Japanese kanji share many characters, it is relatively easy for Chinese hackers to compose phishing emails targeting Japanese users, Dr Masakatsu Morii, professor emeritus at Kobe University and an expert in communication engineering, pointed out. KYODO NEWS
