The breach last month of 21 online banking accounts in Singapore has put the spotlight on computer security and the risks associated with the increasingly popular method of Internet banking in Hong Kong, where the number of fraud cases is high. According to media reports, the systems of the banks in the June 19 case, DBS and the Post Office Savings Bank, were not tampered with. Rather, passwords and user information were gathered from the account holders' home computers. The perpetrator then transferred S$62,000 (about HK$273,000) to his DBS account, withdrew the money and fled to Malaysia. Reports said authorities believed the hacker was a Chinese national, though there were no details of how he accessed the home computers. According to Albert Ng Kam-wing, head of the Commercial Crime Bureau's Technology Crime Division, the passwords and other user information may have been gathered through a Trojan horse program installed on the home computers via infected e-mails. Online banking and bill payment have gained popularity in Hong Kong in the past two years. Market research firm ACNielsen said there were about two million Internet users in Hong Kong and a third of the heaviest users accessed online banking sites at least once a week. Mr Ng said considering there were several hundred thousand Internet banking transactions in Hong Kong each month and only 10 cases had been reported so far, the risk was low. The situation in Singapore highlighted the need for online banking customers to be careful about downloading files from the Internet and wary about e-mail attachments, he said. Online banking fraud fell in Hong Kong in the first half of this year. Two cases had been under investigation this year, compared with eight last year, and the Hong Kong cases were different from the Singapore one, Mr Ng said. One of the Hong Kong cases involved possible fraud by a bank employee, while the other was a dispute over a transfer that might be simply a case of misunderstanding, he said. These are not the type of cases using other people's passwords to transfer money away, he added. Last year, there were several high-profile online banking fraud cases in Hong Kong, one of which involved amounts of about HK$500,000. Since then, banks have lowered transfer limits and established tighter controls over account registration and access. In those cases, no computers were hacked, but information was obtained through so-called 'social engineering', where account holders were convinced to divulge account information over the phone to people posing as bank employees, for example, Mr Ng said. The biggest danger when it came to online banking was that many people were careless about keeping their account information or giving it out, he said. 'The banking system is safe. It's the human factor. People should be aware of their personal data. Bank staff won't ask for this kind of information. And don't write it down on something you can dispose of,' Mr Ng said. An HSBC spokesman said: 'We provide a number of warnings on our sites at all times and regularly inform customers of the need to maintain good security habits.' As more people switch to broadband Internet access, many home computers are left connected to the Web constantly, making them vulnerable to scanning attacks. Computer security experts recommend users update anti-virus programs and firewalls regularly to detect such activities.