The Hong Kong Monetary Authority (HKMA) has received reports from banks regarding eight cases of unauthorised small-value payment transactions over the past three weeks. These unauthorised transactions involve three banks and a total value of HKD 70,000. Based on the latest information, it is possible that the fraudsters have stolen the customers’ Internet banking login passwords to perform small-value payment transactions.
In accordance with the HKMA’s regulatory requirements, banks should notify a customer immediately after the customer initiates a small-value payment transaction. The said unauthorised transactions were detected after the customers contacted the banks upon receiving the notifications. The affected banks and customers have reported these cases to the Police. In accordance with the Code of Banking Practice, a customer should not be held responsible for any direct loss suffered by him or her as a result of unauthorised e-banking transactions unless he or she acts fraudulently or with gross negligence. Following this requirement, the banks have already compensated some of the customers, while the remaining cases are being processed.
The HKMA wishes to remind the public of the need to take suitable precautionary measures when using e-banking services in order to prevent these fraud cases from happening. These precautionary measures include:
If members of the public find unauthorised transactions conducted over their accounts, they should contact their bank as soon as possible and report to the Police or contact the Anti-Deception Coordination Centre of the Police at 18222.
Members of the public are encouraged to study the following public educational materials on e-banking services:
Hong Kong Monetary Authority
24 May 2019