E-Banking Fraud


In recent years, some culprits send suspicious emails to victims to induce them to open the attachments contained.  When the files are opened, the victims’ computers are infected by malicious programmes.

When the victims log in their online banking accounts on the Internet, fraudsters will make use of computer technology to display a series of bogus web page interfaces on victims’ computers that entice the victims to input important information (such as login name, password and one-time password issued by a security device). 

Then the fraudsters will use the above gathered information (including one-time password) to complete the double authentication process, and cheat money out of the victims through online banking transfers.

The Police appeal to the public:

Users of the Internet should stay alert whenever they are using computers so as to prevent from being infected by virus or any other malicious programmes.  If the website of the bank seems suspicious in any way, or if there is any abnormality when you log in the web page, then no data should be entered (including user name, password and one-time password).  Users should contact the bank immediately. 

Furthermore, users of the Internet should install in their personal computers anti-virus software and personal firewalls, and update them from time to time for receiving the latest warning on viruses.  Users should also build up the following good habits:

  • Never open any attachment of unidentified emails, and avoid logging in suspicious website or download from which any software.
  • Do not log in online services (such as e-banking) via hyperlinks attached in emails, online search engines, suspicious pop-up windows or other suspicious channels.  Input the genuine network address of the bank in the address box at the top of the browser or record the network address at the Bookmark of the browser to link to the bank website.
  • Do not tell anyone your login password or one-time password through email, telephone or in person.
  • Check transactions in accounts regularly and the details of transactions in notifications from banks (such as short messages sent through mobile phones).  Once any suspicious transaction of bank accounts or web page is identified, the bank should be notified immediately.
  • Follow the security instructions given by the bank when online banking transactions are made.