Scam Warning: “Multi-Factor Authentication” Scam Messages Targeting Pixiv Users, Including the Prophet Driller

The Federal Trade Commission on Friday, September 5, 2025, reportedly received a scam report from Drillimation Systems after a user posing as Pixiv support got ahold of information the company marked as classified, including debit card information used to pay for the subscriptions to access tools used for the development and distribution of Drillimation products and their social media operations. The Prophet locked and closed the debit card affected before any damage could be done. A new one is currently on the way and Drillimation is taking steps to make sure this does not happen again.

Well, this is a heartbreaking story. Today, I got targeted by a phishing attack on @Pixiv, and I want to highlight this to you. I got a direct message asking me to secure my account which I unknowingly clicked on.

— Drillimation Systems Co., Ltd. / 株式会社ドリリメーションシステム (@Drillimation1) September 5, 2025

Pixiv is aware that a new security scam on the site is on the rise, where bad actors impersonate Pixiv support to hack into your bank account and make unwanted purchases. This latest scam comes almost five months after the Discord account of Studio Emiko was hacked. Other users on Pixiv received similar messages, sometimes being in Japanese. The fake messages claim that a user needs to secure their account with multifactor authentication or face suspension if they do not.

Scammers Use Fake “Secure Your Account” Messages to Steal and Hack Credit Card Information

Scammers will notify you via direct message and will attempt to get you to act by asking you to secure your account by means of entering your credit card information, according to the complaint sent by Drillimation.

Once the user is there, the victim will then enter their credit card information using the fraudulent link. Crypto and tech influencer Nick Johnson shared on Twitter back in April that this is becoming a growing trend among hackers, and also shared a similar story about something he experienced in Gmail. The message appears to come from Pixiv support and claims the added security is very convincing. The problem is Pixiv’s messaging system doesn’t have a spam folder to begin with.

The first thing to note is that this is a valid, signed email – it really was sent from no-reply@google.com. It passes the DKIM signature check, and GMail displays it without any warnings – it even puts it in the same conversation as other, legitimate security alerts. pic.twitter.com/GxlFR6ccLG

— nick.eth (@nicksdjohnson) April 16, 2025

How to Protect Your Pixiv Account and Bank Account From Fake Security Phishing Scams

Pixiv never sends unsolicited messages to users asking for their credit card information or their account password. Drillimation Systems is recommending the following steps to avoid falling victim to fake message scams, including the one the Prophet fell for over the weekend.

• Report spam messages to Pixiv itself, and block the sender.
• Pixiv sends an email when a new login is detected. Secure your account with multifactor authentication to prevent unwanted access.
• Don’t respond to these requests in the messages.
• Don’t enter your password or credit card information after clicking a link in the message.
• Beware of urgent-sounding messages.
• Never click links from untrustworthy sources.

If you think a security message that appears to be from Pixiv staff asking you to enable multifactor authentication using a given link, Pixiv suggests you enable multifactor authentication through the user settings instead.

Sources

• https://www.pixiv.net/info.php?id=12706 (in Japanese)