The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to an e-mail purporting to be sent from Hang Seng Bank, Limited (HSB). The e-mail requests customers to use an embedded hyperlink to connect to a fraudulent website (for example, “http://s-oh.sakura.ne.jp/okayama/index2.php” linking to “http://dev2.digisat.org/digisat_new”, and “http://s-oh.sakura.ne.jp/dan-shinya/wp-includes/id3.php” linking to “http://www.gangesindia.com/icon/os/_tmp”) and provide their personal information such as the Hong Kong Identity Card number and credit card information. HSB has clarified that it has not sent these e-mails to its customers and has no connection with the fraudulent website.
Anyone who has provided his or her personal information to the website, or has conducted any financial transactions through the website should contact HSB at 2822 0203 and any local police station or the Cyber Security and Technology Crime Bureau of the Hong Kong Police Force at 2860 5012.
“Members of the public are reminded not to access their Internet banking accounts through hyperlinks embedded in e-mails, Internet search engines or suspicious pop-up windows. Instead, they should access their Internet banking accounts by typing the website addresses at the address bar of the browser, or by bookmarking the genuine website and using that for access. In addition, banks are not expected to send e-mails asking their customers to provide their account information (e.g. Internet banking logon passwords) or verify their account information online. If in doubt, they should contact their banks,” said an HKMA spokesperson.
Hong Kong Monetary Authority
3 August 2015