Risk Horizon
Live

Intelligence generated by AI from public regulatory sources. Not investment or regulatory advice. Verify before relying on any output.

Back to Intelligence
IncreasingMedium2026-05-29

HKMA alerts public to bank-related phishing and scam websites

Banking SupervisionOtherGeneral RegulatoryRetail BankingHong KongConf: High
Regulatory Event

HKMA issued a public alert regarding fraudulent websites, phishing emails and scams impersonating a licensed bank.

Analysis

HKMA flagged fraudulent websites and phishing campaigns targeting bank customers. It reiterated that banks do not send SMS or emails with embedded hyperlinks for transactions. Signals continued elevated impersonation risk in Hong Kong retail banking channels.

Relevance

Heightened phishing activity increases conduct, operational, and reputational risk exposures for retail banks operating in Hong Kong.

Required Action

Action Required

Review customer fraud controls, phishing detection, and external communications policies; reinforce customer education on impersonation scams.

Justification

Recurring HKMA scam alerts indicate sustained fraud pressure requiring continuous control reassessment.

Control Commentary

Fraud and cyber risk remains elevated following HKMA scam alert. Controls over phishing detection, customer authentication, and brand monitoring should be reassessed; customer awareness messaging should be refreshed.

Source

The HKMA alerts the public to a press release from a bank concerning fraudulent websites, phishing emails and other scams, reminding that banks do not send SMS or emails with embedded hyperlinks directing customers to transact.

Scam alert related to banks

Published: 2026-05-28

RH-2026-05-28-011