Bank refuses to comment on compensation to recent victims Hong Kong's biggest bank yesterday announced it had made a series of changes to its online banking service to protect accounts from 'money mules' working for overseas cyber-crime syndicates. The changes follow the recent discovery that a dozen HSBC customers had lost more than $660,000 in a sophisticated sting that led to the arrests of 11 people suspected of being local members of the syndicate. HSBC again refused to describe how it planned to compensate victims of the cyber-fraud, despite growing evidence that the phenomenon of bogus websites and e-mails, known as 'phishing', is costing banks millions worldwide. Hong Kong police are investigating links between the alleged 'money mules' arrested last week and the masterminds of the cyber-attacks, most of whom, it is believed, are based in Eastern Europe. The Hong Kong suspects are alleged to have used stolen identities to transfer all the funds in victims' accounts to their own accounts, then remitted the money - minus their 10 per cent fee - overseas. Under the measures announced yesterday, nearly 800,000 users of HSBC's online banking service must reapply to use the service and set a limit for their online third-party transfers. No online transfers are possible until customers have re-registered for the service. HSBC officials yesterday also apologised for the confusion caused over the weekend after it implemented changes without warning on Friday night. Peter Brooks, senior manager of HSBC's Automated Channel Development, said the overseas syndicates that fraudulently obtained customers' bank and personal details were increasingly relying on local intermediaries to transfer the stolen money offshore. 'They are localising the fraud and using these money mules to transfer the cash overseas,' Mr Brooks said. He urged all online customers to change their passwords immediately. Dorothy Sit, head of HSBC's Personal Financial Services, refused to elaborate on the compensation open to victims of attack.