Internet users could have their banking and e-mail passwords stolen after they visit websites that appear to be perfectly normal but whose coding has been altered.
In the first half of this year, the Hong Kong Computer Emergency Response Team Coordination Centre reported it had detected 65 cases of malicious codes injected into websites, up 150 per cent over last year .
Active hacking also increased 20 per cent to 158 cases in the same period, according to the council's executive director Wilson Fung Wing-yip, who spoke at Information Security Showcase 2010 yesterday.
'According to industry reports, a lot of these attacks were connected to organised criminals,' he said.
The prevalence of computer viruses, which can duplicate themselves and infect computers, was declining, centre manager Roy Ko Wai-tak said. But in contrast, code injection into web pages has been on an increasing trend since 2008.
By visiting the sites which have codes inserted into them, Web users will be diverted to another page for a very short period of time and have hostile codes downloaded to their computers, he said.
'An affected website doesn't look any different ... users may not notice codes are downloaded into their computers.'