These scams tend to target private banks that have wealth management businesses in Hong Kong.
| Banking names that appeared in online scams (2016) |
| Bank of China (Hong Kong) |
| BNP Paribas |
| China Citic Bank International |
| Chong Hing Bank |
| Citibank (Hong Kong) |
| Corporate Finance (D.T.C.) |
| Dah Sing Bank |
| DBS Bank (Hong Kong) |
| Fubon Bank (Hong Kong) |
| Hang Seng Bank |
| OCBC Wing Hang Bank |
| Public Bank (Hong Kong) |
| Shanghai Commercial Bank |
| Standard Chartered Bank (Hong Kong) |
| The Bank of East Asia |
| US Capital Private Bank |
| Wing Lung Bank |
Source: HKMA
For example, a fraudulent website pretended to be the private banking arm of Bank of China (Hong Kong) last year, with the URL “http://home.privateboc-hk.com/privatebanking.html”.
“Fraudsters have been using fake bank websites, phishing e-mails and similar scams,” an HKMA spokeswoman said, but did not explain why the scams have been increasing.
“By nature, such scams cannot be totally prevented by banks or any other parties,” she explained.
That said, a mechanism has been set in place for alerting the members of the public to such scams related to banks. According to the spokeswoman, the HKMA and the affected banks issue press releases and report to the Hong Kong Police Force whenever such scams are identified by the HKMA or the banks concerned.
The HKMA has designated a webpage to list out all the press releases issued for ease of reference by the public.
“With the assistance of the Hong Kong Police Force and other relevant parties, the affected banks will also seek to remove the fake websites or mobile apps as early as practicable once identified,” she said.
Fraudulent websites
There were only eight scams that were reported in 2008, and that has increased to 19 in 2013. That figure has nearly doubled to 37 in 2014 and has remained at that level until the end of last year.
| Year | number of reported scams |
| January 2017 | 4 |
| 2016 | 36 |
| 2015 | 35 |
| 2014 | 37 |
| 2013 | 19 |
| 2012 | 23 |
| 2011 | 21 |
| 2010 | 16 |
| 2009 | 12 |
| 2008 | 8 |
Source: HKMA
The types of scams include fraudulent websites, phishing e-mails, fake or suspicious Internet banking mobile applications and suspicious login screens, such as pop-up windows from Internet banking login processes, according to HKMA information.
Last year, fraudulent websites accounted for a huge chunk of online scams, followed by suspicious apps, phishing e-mails and suspicious log-in screens.
| Kinds of scams in 2016 | number of instances |
| Fraudulent websites | 23 |
| Suspicious apps | 7 |
| Phishing e-mails | 4 |
| Suspicious log-in screens | 2 |
| TOTAL | 36 |
Source: HKMA
However, according to the spokeswoman, the HKMA is not aware of scams that have resulted in any unauthorised e-banking transactions so far.
Like the HKMA, the Securities and Futures Commission also has an alert list, which is a list of entities that are unlicensed in Hong Kong and may have been targeting investors or claim to have an association with Hong Kong.
| Year | Number of reported incidents on SFC’s alert list |
| 2017 | 11 |
| 2016 | 238 |
| 2015 | 219 |
| 2014 | 102 |
| 2013 | 161 |
| 2012 | 130 |
| 2011 | 147 |
| 2010 | 135 |
Source: SFC
Penalties and safeguards
When asked about the penalties related to online banking scams, a spokesman of the Hong Kong Police Force told FSA that any person who obtains unauthorised access to a computer by telecommunications commits an offense and is liable on conviction for a fine of HK$25,000 ($3,223).
Besides the fine, any person who obtains access to a computer with criminal or dishonest intent could be imprisoned for five years, he added.
The spokesman also outlined some guidelines to the general public to keep them safe from fraud, which include refusing to open any attachment from unidentified emails, installing and updating anti-virus software and using different hard-to-guess passwords for different websites.
