Scam websites target visitors to Osaka Expo 2025

Cybersecurity firm Trend Micro, headquartered in Tokyo, has issued a public warning regarding fraudulent internet domains and websites that closely resemble the official online portal of the Osaka-Kansai Expo 2025.
The Expo is scheduled to open on April 13th and will be held on Yumeshima Island in Osaka.
Trend Micro’s findings indicate that malicious actors have acquired several domain names that incorporate character strings similar to the official Expo website’s address, “expo2025.or.jp” and have subsequently created deceptive websites.

Trend Micro’s investigation revealed that at least three such similar domains incorporating variations like “2025expo” and “expo-2025” were registered between late February and mid-July 2024.
The acquisition of these look-alike domains raises concerns about potential “phishing” activities, a form of online fraud where perpetrators attempt to obtain sensitive personal information, such as login credentials, financial details, and credit card numbers, by masquerading as legitimate entities.
In this context, the fake websites could be designed to mimic the official Expo ticket sales platform, deceiving users into providing their personal data under the guise of purchasing tickets.

One specific instance identified by Trend Micro involves an English-language website utilizing one of these similar domains.
This fraudulent site prominently advertises “EXPO 2025 OSAKA” and features a “Get Tickets” tab.
Upon clicking this tab, users are prompted to input personal information, including their name and phone number, which are common data points sought in phishing scams for identity theft or subsequent malicious activities.
The Japan Association for the 2025 International Exposition, the official organization responsible for managing and operating the Osaka-Kansai Expo, has corroborated Trend Micro’s warning.
A spokesperson for the Expo Association has explicitly stated that these similar domains and associated websites are not official and have no affiliation with the Expo.
The association urged the public to exercise extreme caution when purchasing tickets online and to ensure they are accessing the legitimate Expo website “expo2025.or.jp”.

The Expo Association also confirmed that “fake accounts” impersonating the official Expo presence on the social media platform X (formerly Twitter) were also detected during the summer of the previous year.
These fake social media accounts could be used to disseminate links to the fraudulent websites or to engage in other deceptive practices aimed at exploiting public interest in the upcoming Expo.
Katsuyuki Okamoto, a representative of Trend Micro, emphasized that the creation of fraudulent websites utilizing similar domains is a recurring tactic associated with major international events, including past World Expos and Olympic Games.
He further cautioned the public to be vigilant regarding social media posts that falsely claim to be related to the Osaka-Kansai Expo and that may contain links leading to these deceptive and potentially harmful websites.
The Osaka-Kansai Expo 2025 is anticipated to attract millions of visitors from both Japan and around the world.

The heightened public interest and the significant volume of online transactions related to ticket purchases and event information make the Expo a prime target for cybercriminals seeking to exploit unsuspecting individuals.
The warnings issued by Trend Micro and the Expo Association underscore the importance of cybersecurity awareness and the need for individuals to verify the authenticity of online resources before providing any personal or financial information.
It is recommended that individuals seeking information about the Expo or wishing to purchase tickets do so directly through the official “expo2025.or.jp” domain, accessed by manually typing the address into their web browser or through verified official channels.
Source: Yomiuri Shimbun