The Hong Kong Monetary Authority has uncovered a bumper crop of phishing operations and fake banking websites this month.

Standard Chartered Bank (Hong Kong) Limited has become aware of a fraudulent 'Standard Chartered' website, which it says may target clients who register for the government’s Cash Payout Scheme. It is at http://schbonlinehk.com/ whereas the bank’s official website is at https://www.sc.com/hk/ and the bank’s webpage for the Cash Payout Scheme is https://www.sc.com/hk/10000-cash-payout-scheme/.

Hang Seng Bank is asking the public to be vigilant for fraudulent promotional materials purporting to be from the bank that are being circulated on social media and instant messaging platforms. Such materials have been found to contain a QR code that leads to a fraudulent website named ‘HUNDSUN.’ This fraudulent website uses the domain name ‘www.hshengwh.cn’ and displays the bank’s logo. The Bank does not have a subsidiary named ‘HUNDSUN.’ Its official website is at www.hangseng.com.

The Bank of Singapore is telling its clients and members of the public that it has found a fraudulent website:

• hxxps://aarm-tniad[.]mil[.]id/sts-login/?client-request-id=Z2FyeS5sZXVuZ0BiYW5rb2ZzaW5nYXBvcmUuY29t#bankofsingapore[.]com?_task=review_held_messages

This publication could not make use of the link.

OCBC Wing Hang Bank is alerting its customers and members of the public to a fraudulent website at www.ocbcwhhkk[.]com or, in an earlier version of its alert, www.ocbcwhk[.]com. OCBC Wing Hang has no connection with this website. The official OCBC Wing Hang website is found at www.ocbcwhhk.com.

Livi Bank Ltd is alerting customers and the general public to beware of a number of fraudulent websites purporting to be from livi. These sites use web addresses with the prefix “www-livibank-com.” It has no connection with these fraudulent websites. The list is:

• http://www-livibank-com.exllex.com/en/
• http://www-livibank-com.yc-hy.com/en/
• http://www-livibank-com.hnlyll.com.cn/en/
• http://www-livibank-com.keymensoft.com.cn/en/
• http://www-livibank-com.bhmmyx.cn/en/
• http://www-livibank-com.jqam8.cc/en/
• http://www-livibank-com.mcfxfl.com/en/
• http://www-livibank-com.gzqdu.cn/en/
• http://www-livibank-com.szbestjd.com/en/
• http://www-livibank-com.xinhuazgz.com/en/
• http://www-livibank-com.czfla.cn/en/
• http://www-livibank-com.m9f2389e.cn/en/
• http://www-livibank-com.cnyingke.cn/en/
• http://www-livibank-com.fcsjmy.net/en/

A fake Instagram page alert has gone out. ZA Bank is alerting members of the public to a fake Instagram account @zabank_promo, and the fake Instagram page at “https://www.instagram.com/zabank_promo/”.

The bank writes: "They purport to be from ZA Bank and provide incorrect information of the campaign programme such as use of invitation code. ZA Bank does not maintain any Instagram account and ZA Group’s official Instagram posts can be found in the account @za_hongkong, and the page is “https://www.instagram.com/za_hongkong/”. Customers are advised to be vigilant of fake news or information. Do not provide any bank account information or personal information to the fake Instagram page. This case has been reported to Instagram for further investigation."

HSBC is alerting its customers to a phishing email which was issued from a non-HSBC email address. The phishing email suggests that recipients should click a link to finish a survey. HSBC disclaims all connection with it and is asking customers not to click any link in this email. It has helpfully published a picture of the email, which starts with the slogan "DEEP THOUGHTS? We want to hear them all." It seems to come from an email address at points@programloyal.com and was sent on 9 June at 8:51am. The subject is "HCBS Rewards are FINALLY here! Get cash & points."

On 10 June, the HKMA says that 10 Jun 2020 Airstar Bank detected a fraudulent website at https://airstar.bltdhk.com - a link that seems no longer to work.

The Swiss private bank Union Bancaire Privée (Hong Kong) has uncovered a small crop of fraudulent website addresses, as follows.
Detected 8 June 8......westoncapitalbank.com
Detected 4 June........http://ubpinvest.com
Detected 3 June........ubpdirect.com
Detected 26 May........www.e-ubp.com

Hang Seng Bank is complaining about fraudulent promotional materials purporting to be from the bank that are being circulated on social media and instant messaging platforms. Such materials have been found to contain a QR code that leads to a fraudulent website named ‘HengShenFX’ - a fraudulent site that uses the domain name ‘www.huanyawha.cn’ and displays the bank’s logo. The bank, needless to say, has no connection with that website and does not have a subsidiary named ‘HengShenFX.’ Members of the public should not access any of its links. The site (which this publication had trouble accessing) is red and white with a hand holding a mobile phone, although there may be slight variations in the promotional materials that it purveys.

The Bank of China (Hong Kong) is alerting the public to a website that provides several downloadable fraudulent mobile applications. This is:

• https :// primeapk.co/developer/Bank%20of%20China%20(Hong%20Kong)%20Limited

The bank declares that it has no connection with the abovementioned website and related mobile applications. When conducting transactions through electronic channels, customers are advised to access their internet banking or mobile banking accounts by typing the bank's web address of www.bochk.com directly in the browser address bar. Customers  should not access such accounts or provide personal information (including passwords) through hyperlinks, QR codes or attachments embedded in e-mails or on websites. Screengrabs show red and white screens of basic design.

The HKMA, without presenting a link to a press release this time, says that Ping An OneConnect Bank (Hong Kong) Ltd has detected the following suspicious mobile apps.     

• http://www.bhrprz.cn/app/88637.html
• http://www.feifeishijie.com/app/35686.html
• https://www.cr173.com/soft/1149829.html
• http://www.dngsos.com/app/88637.html
• https://www.cr173.com/soft/1149818.html
• http://www.12349.net/app/567810.html

An alert about two fraudulent websites has come from the Bank of Singapore. These are listed as:

• hxxps://banksofsingapore.com
• https://conpard[.]com/somtysc/wbmam/domain/?jgoogle=YW5hbWlrYS5ndWhhQGJhbmtvZnNpbmdhcG9yZS5jb20=&xma=c

These websites have no connection with the bank.

The Bank of China (Hong Kong) has uncovered the following.

• https://www.bochkiban.com
• donald.leechung@bochkk.com

The bank says that this fraudulent website and phishing email address intend to steal customers’ data including their internet banking user names, passwords, name, dates of birth, telephone numbers, email addresses, address and savings account numbers, as well as account security questions and answers.

China CITIC Bank International has issued a statement about a fraudulent website, to be found at kawahbankcitic.com.

Lastly, the Bank of Taiwan is warning the public about a phishing email, but the details are not in English.