HKMA issues scam alert on bank impersonation fraud

HKMA relayed a bank-issued alert regarding fraudulent websites, phishing emails and impersonation scams targeting customers.

HKMA continues its rolling scam-alert mechanism, reminding the public banks do not embed transactional hyperlinks in SMS or email. Banks should ensure communication standards and fraud monitoring align with this expectation.

Persistent impersonation fraud increases conduct, reputational and operational losses across HK retail banking.

Recurring HKMA alerts indicate sustained fraud campaigns requiring continuous control reassessment.

“The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to the press release issued by the bank listed below relating to fraudulent websites, internet banking login screens, phishing emails or other scams, which has been reported to the HKMA. The HKMA wishes to remind the public that banks will not send SMS or emails with embedded hyperlinks which direct them to the banks’ websites to carry out transactions.”