Risk Horizon
Live

Intelligence generated by AI from public regulatory sources. Not investment or regulatory advice. Verify before relying on any output.

Back to Intelligence
IncreasingMedium2026-06-15

HKICL warns of fraudulent FPS refund website impersonation

Banking SupervisionOtherGeneral RegulatoryPaymentsHKMAConf: High
Regulatory Event

HKMA flagged a fraudulent website impersonating HKICL to harvest banking credentials via fake FPS refund pages.

Analysis

HKICL identified phishing domains mimicking its FPS refund platform to steal login credentials and bank account details. Victims are routed to fraudsters posing as customer service. Signals continued targeting of Hong Kong's retail payments rails through social engineering.

Relevance

Heightens fraud risk for retail banks and FPS participants; warrants customer awareness and transaction monitoring uplift.

Required Action

Action Required

Update phishing blocklists, alert customers, and review FPS-related fraud monitoring controls.

Justification

Direct impersonation of payments infrastructure operator indicates active phishing campaign against banking customers.

Control Commentary

Phishing campaign impersonating HKICL FPS refund portal increases retail fraud exposure. Recommend blocklist updates, customer alerts, and enhanced FPS anomaly monitoring.

Source

The Hong Kong Interbank Clearing Limited (HKICL) has noted a fraudulent website purporting to be from HKICL, tricking users into giving away login credentials and bank account information via fake FPS refund pages.

HKICL alerts public of fraudulent website

Published: 2026-06-15

RH-2026-06-15-002