Risk Horizon
Live

Intelligence generated by AI from public regulatory sources. Not investment or regulatory advice. Verify before relying on any output.

Back to Intelligence
IncreasingHigh2026-06-02

HKMA flags bank-related scam alert on phishing and fraudulent sites

Banking SupervisionAlertGeneral RegulatoryRetail BankingHong KongConf: Medium
Regulatory Event

The HKMA alerted the public to a bank's press release on fraudulent websites, internet banking login screens, phishing emails and related scams.

Analysis

Continued HKMA scam alerts highlight persistent phishing and credential-harvesting attempts targeting retail bank customers. Firms should validate detection rules, takedown timelines, and customer education on unsolicited links.

Relevance

Persistent retail fraud pressure with regulatory expectation for proactive bank response.

Required Action

Action Required

Strengthen anti-phishing controls, login-page monitoring, and SMS/email hyperlink hygiene policies.

Justification

Recurring HKMA scam alerts indicate sustained phishing risk and supervisory attention to fraud controls.

Control Commentary

Reassess phishing detection KPIs, takedown SLAs, and customer communications. Reinforce that banks do not send hyperlinks via SMS/email for transactional logins.

Source

The HKMA alerted the public to a bank press release on fraudulent websites, internet banking login screens, phishing emails or other scams, reminding the public that banks will not send SMS or emails with embedded hyperlinks directing them to bank websites.

Scam alert related to banks

Published: 2026-06-02

RH-2026-06-03-008