Key Information

inSight
Speeches
Speeches by Speaker
Norman T.L. Chan
Peter Pang
Eddie Yue
Arthur Yuen
Raymond Li
Edmond Lau
Esmond Lee
Meena Datwani
Vincent W.S. Lee
James Lau
Joseph Yam
Y K Choi
William Ryback
David Carse
Tony Latter
Andrew Sheng
Hans Genberg
Simon Topping
Michael Taylor
The Honourable Donald Tsang
Chen Yuan
Dai Xianglong
Don Brash
Jaime Caruana
Andrew Crockett
Mario Draghi
David Eldon
Stanley Fischer
Timothy F. Geithner
Stephen Grenville
Kenneth G. Lay
William McDonough
Ernest Patrikis
Glenn Stevens
Jean-Claude Trichet
Tarisa Watanagase
Zeti Akhtar Aziz
Press Releases
2010
2009
2008
2007
2006
2005
2004
2003
2002
2001
2000
1999
1998
1997
Press Releases by Category
Bogus Voice Message Phone Calls
Banking in Hong Kong
Fraudulent Websites, E-mails and Telephone System, and other fraud cases
Granting of Banking Licences
Exchange Fund
Table of Multiples of Notes and Payments for Allotted Amount under non-competitive tender
Table of Multiples of Notes and Payments of Application Amount under non-competitive tender
Tender of Exchange Fund Bills and Notes
Tender Results of Exchange Fund Bills and Notes
Tentative Issuance Schedule for Exchange Fund Bills and Notes
Appointments and Departures
HKMA Pay Review
HKMA Publications
Speeches
The Hong Kong Mortgage Corporation
Hong Kong Note Printing Limited
Hong Kong Institute for Monetary Research
Exchange Fund Investment Limited
Others
Hong Kong Financial Infrastructure
International Relations
Investment Products Related to Lehman Brothers
Monetary Policy
Notes and Coins
Renminbi business
Credit Card Lending Survey
Monetary Statistics
Residential Mortgage Survey
Year 2000
Others
Guidelines and Circulars
Guidelines
Circulars
2015
2014
2013
2012
2011
2010
2009
2008
2007
2006
2005
2004
2003
2002
2001
2000
1999
1998
1997
359.3404

insight

Watch out for Trojan Horse Attacks

Have you come across the computer jargon "Trojan Horse"? Have you ever wondered what this is and where this term comes from? The term "Trojan Horse" originates from an ancient Greek myth. In a war between the Greeks and the Trojans (i.e. the people living in Troy), the Greeks constructed a huge wooden horse and hid a selected force of men inside. The Greeks pretended to retreat and the Trojans pulled the horse into their city as a victory trophy. This allowed the Greek army inside the horse to enter the city and open the gates for the rest of the Greek army which led to the final conquest of the city of Troy by the Greeks.

Similarly, a Trojan Horse in computer terminology refers to a malicious computer programme presented as a useful or harmless software to induce users to install it. These programmes can be inadvertently installed by internet users, for example, when they visit certain dubious websites or open attachments to incoming e-mails from dubious sources. Through the use of Trojan Horse planted in the personal computers of internet users, fraudsters may capture screen displays and keystrokes (e.g. to capture the user's login credentials and account information when the user accesses his/her internet service accounts such as internet banking account), steal information stored in, or take over the control of, the user's personal computer.

Such form of internet fraud is growing worldwide, and a small number of suspected Trojan Horse cases have recently been detected in Hong Kong in which during the login process to an internet banking account, a suspicious web page was displayed requesting the customer to input his/her credit card number, card security code, card expiration date and Automatic Teller Machine (ATM) Personal Identity Number (PIN). The customers involved found the web page suspicious and reported the incident to the banks concerned without inputting the requested information on the suspicious web page. No financial loss was incurred by the customers concerned.

Bank customers should stay vigilant to potential security issues including Trojan Horse attacks on their personal computers to avoid compromising their usage of internet services such as internet banking. To safeguard against such attacks, customers should install personal firewall and anti-virus software in their personal computers and keep them up-to-date. They should also avoid visiting or downloading software from suspicious websites, and be wary of opening attachments in e-mails from unfamiliar sources. Bank customers who discover any suspicious web page or any unauthorised transactions in their bank accounts should contact their banks immediately. Further information and advice on internet banking safety may be found on the HKMA website and on the websites of most banks.

So long as both the banks and their customers take appropriate security precautions against attempts to compromise the security of their personal computers, internet services such as those offered by banks are safe to use. Given the ever changing technology landscape and the increasingly sophisticated internet banking fraudulent methods, the HKMA will continue to monitor the development and trend of internet banking services and to review and, if necessary, strengthen the relevant controls where appropriate.

Meena Datwani
Executive Director (Banking Conduct)
12 November 2010

Last revision date: 1 August 2011
ABOUT THE HKMA
The HKMA
Tender Invitations
Careers@HKMA
Legislative Council Issues
Links
The HKMA Information Centre
KEY FUNCTIONS
Monetary Stability
Banking Stability
International Financial Centre
Exchange Fund
PUBLICATIONS & RESEARCH
Annual Report
Half-Yearly Monetary & Financial Stability Report
Quarterly Bulletin
HKMA Background Briefs
Reference Materials
Research
MARKET DATA & STATISTICS
CMU Bond Price Bulletin
Economic & Financial Data for Hong Kong
Monthly Statistical Bulletin
Monetary Statistics
KEY INFORMATION
Press Releases
Speeches
Guidelines & Circulars
Forthcoming Events
inSight
OTHER INFORMATION
Account Opening
Consumer Corner
Consumer Education Programme
Complaints about Banks
Complaints about SVF Licensees
Internet Banking
Fraudulent Bank Websites, Phishing E-mails and Similar Scams
Be Careful of Bogus Phone Calls and SMS Messages
Authenticate the Callers and Bank Hotline Numbers
Register of AIs & LROs
Register of Securities Staff of AIs
Register of SVF Licensees
Investment Products Related to Lehman Brothers
Photo Gallery