The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public in Hong Kong to an e-mail purporting to be related to The Hongkong and Shanghai Banking Corporation Limited (HSBC) and Hang Seng Bank Limited (Hang Seng Bank). The e-mail requests customers to use an embedded hyperlink to connect to a fraudulent website (for example, “http://mercipapa.com.br/files/.files/HK/” and “http://www.birth.hk/bb3/ol.php”) and may ask them to provide their account information such as the Internet banking logon user name and password. HSBC and Hang Seng Bank have clarified that they have not sent these e-mails to their customers and have no connection with the fraudulent websites.
Anyone who has provided his or her personal information to the websites, or has conducted any financial transactions through the websites should contact HSBC at 2233 3000 or Hang Seng Bank at 2822 0203, and any local police station or the Commercial Crime Bureau of the Hong Kong Police Force at 2860 5012.
“Members of the public are reminded not to access their Internet banking accounts through hyperlinks embedded in e-mails, Internet search engines or suspicious pop-up windows. Instead, they should access their Internet banking accounts by typing the website addresses at the address bar of the browser, or by bookmarking the genuine website and using that for access. In addition, banks are not expected to send e-mails asking their customers to provide their account information (e.g. Internet banking logon passwords) or verify their account information online. If in doubt, they should contact their banks,” said an HKMA spokesperson.
Hong Kong Monetary Authority
24 April 2014