Watch out for Trojan Horse Attacks

inSight

12 Nov 2010

Have you come across the computer jargon "Trojan Horse"? Have you ever wondered what this is and where the term comes from? The term "Trojan Horse" originates from an ancient Greek myth. In a war between the Greeks and the Trojans (i.e. the people living in Troy), the Greeks constructed a huge wooden horse and hid a selected force of men inside. The Greeks pretended to retreat and the Trojans pulled the horse into their city as a victory trophy. This allowed the Greek soldiers inside the horse to enter the city and open the gates for the rest of the Greek army, which led to the final conquest of the city of Troy by the Greeks.

Similarly, a Trojan Horse in computer terminology refers to a malicious computer programme presented as useful or harmless software to induce users to install it. These programmes can be inadvertently installed by internet users, for example, when they visit certain dubious websites or open attachments to incoming e-mails from dubious sources. Through a Trojan Horse planted in the personal computer of an internet user, fraudsters may capture screen displays and keystrokes (e.g. to capture the user's login credentials and account information when the user accesses his/her internet service accounts such as an internet banking account), steal information stored in the user's personal computer, or take over control of it.

This form of internet fraud is growing worldwide, and a small number of suspected Trojan Horse cases have recently been detected in Hong Kong. In these cases, during the login process to an internet banking account, a suspicious web page was displayed requesting the customer to input his/her credit card number, card security code, card expiration date and Automatic Teller Machine (ATM) Personal Identity Number (PIN). The customers involved found the web page suspicious and reported the incident to the banks concerned without inputting the requested information on the suspicious web page. No financial loss was incurred by the customers concerned.

Bank customers should stay vigilant to potential security issues, including Trojan Horse attacks on their personal computers, to avoid compromising their usage of internet services such as internet banking. To safeguard against such attacks, customers should install a personal firewall and anti-virus software on their personal computers and keep them up to date. They should also avoid visiting or downloading software from suspicious websites, and be wary of opening attachments in e-mails from unfamiliar sources. Bank customers who discover any suspicious web page or any unauthorised transactions in their bank accounts should contact their banks immediately. Further information and advice on internet banking safety may be found on the HKMA website and on the websites of most banks.

So long as both the banks and their customers take appropriate security precautions against attempts to compromise the security of their personal computers, internet services such as those offered by banks are safe to use. Given the ever-changing technology landscape and the increasingly sophisticated methods of internet banking fraud, the HKMA will continue to monitor the development and trend of internet banking services and to review and, if necessary, strengthen the relevant controls.

Meena Datwani
Executive Director (Banking Conduct)
12 November 2010

Last revision date : 12 November 2010