The Monetary Authority warns consumers to beware of fraudulent bank websites and emails.
It urges consumers be wary of 'phishing' syndicates. Phishing is a form of fraud in which victims receive fake emails, allegedly sent from banks, asking them to provide sensitive personal and account information to a fake bank website accessed through a link embedded in the email.
Criminals send out millions of phishing emails worldwide every day with the aim of duping unsuspecting account holders. People should be cautious when handling email purporting to come from banks, and should never access bank websites through links embedded in emails.
No bona fide bank in Hong Kong will ask customers to access its website through an email link, and any email asking this should be treated with suspicion.
Prompt reports essential
Customers receiving suspicious email should report it immediately to their banks, Police, and the authority. Suspicious email should be forwarded to the authority at hkma@hkma.gov.hk.
Customers should never access their accounts through Internet search engines, pop-up windows, or other doubtful channels. Internet banking should be conducted through the bank's website, either by typing the website address in the address bar of the browser or by bookmarking the genuine site.
Further information and advice can be found on the authority's website and on the websites of most banks.
Two-factor authentication urged
Banks are urged to implement two-factor authentication for high-risk retail Internet banking transactions by the middle of 2005.
Under the arrangement, banks will adopt a second factor, in addition to the password as the basic factor of authentication, for customer authentication. Examples of second-factor authentication include digital certificates, one-time passwords generated by a security device, and SMS-based one-time passwords.
Go To Top
|