Fraudulent bank websites

inSight

01 May 2008

The public should be aware of an increase in fraudulent banking websites.

As mentioned in the materials for my briefing to the Legislative Council Panel on Financial Affairs on the work of the HKMA this week, we have noticed an increase in fraudulent bank websites over the last year or so. The number of these websites, which often look remarkably like the real websites of various banks, reached a peak in 2004 but then declined sharply after the banks introduced two-factor authentication in 2005, in the form of a one-time password generated by those clever tokens given to you by your bank or contained in an SMS message they send to you, or a digital certificate stored in a secure device, to identify you securely when you log on to use on-line banking services or conduct certain on-line transactions. However, the number of fake websites has increased again, from 17 in 2006 to 27 last year (a rise of 59%), and four such websites were reported in the first quarter of this year. This increase is reflected in the number of reports received by our Public Enquiries Service.

Although the reasons for this increase are not entirely clear, it probably has something to do with the ease and relatively low levels of technical skill with which these websites can be set up, and the low cost compared with the potential gains for the crimes behind them. From our contacts with banking supervisors overseas, we understand that the rising trend is not limited to Hong Kong and that there have also been reported cases of bank customers providing sensitive information to the fake websites (including one-time passwords): the Internet really is global, it seems.

I'm sad to say that even the HKMA's own website has been "cloned" and we have received reports of people receiving e-mails, or sometimes telephone calls, telling them that they have won a lottery or otherwise come into some money, from a company that sometimes claims to be linked to or endorsed by the HKMA or a body with a similar name. Sometimes they say that the HKMA is holding the money. The e-mail or telephone call then asks the recipient to transfer funds to a particular account to meet some fee or other that has to be paid before the money can be released to them. The recipient is often asked to go to the fake HKMA website for "confirmation" that the service is genuine. Needless to say, the claims are untrue.

I would therefore like to remind readers that banks in Hong Kong will never ask for sensitive information, such as passwords, by e-mail, over the phone or in person. The HKMA will certainly never do so and does not offer banking or other financial services to the public through its website. We certainly don't hold lottery winnings or other monies for members of the public. There is only one legitimate HKMA website (www.hkma.gov.hk).

Members of the public who use on-line banking services should also, of course, continue to observe the normal security precautions of never accessing bank websites through links sent to them in e-mails or appearing in pop-ups, being very careful about opening suspicious e-mails with attachments from senders they don't recognise, and, most importantly, never giving sensitive information to third parties. There are some useful tips on e-banking security on our website.

The HKMA, the Hong Kong Association of Banks and the Police will be stepping up consumer education in this area. The major banks have also already introduced some additional security measures such as sending customers SMS messages to notify them of high-risk Internet banking transactions conducted on their accounts. I would strongly encourage bank customers to make full use of such services and notify their bank immediately if they discover any suspected unauthorised transactions.

I am confident that legitimate e-banking services offered by banks in Hong Kong remain safe, reliable and convenient to use as long as customers take a few simple precautions.

Joseph Yam
1 May 2008

 

Last revision date : 01 May 2008