EditorialHong Kong anti-fraud efforts are working but too many still fall prey to online scams
- Cybercrime is in the headlines and while the amount of money lost in phishing cases has fallen, there is still big money being stolen by online fraudsters. Hopefully, with stronger enforcement and publicity, this will change
If news headlines tell something about the state of society, online scams clearly remain a cause for concern. Over the past few days, there were no fewer than three relevant stories that captured public attention – “Police arrest 43 over 32 cases of cyber fraud totalling HK$28 million”; “Fraudsters tout ‘AI-picked stocks’ as more than 600 Hongkongers duped in July”; “Drop in phishing cases, but cybersecurity awareness still lacking”.
Coincidental as they may seem, the news underlines the need for more vigorous efforts in combating the problem.
The trend is nothing new. But it is telling when many citizens failed in a scam test led by the police and the Hong Kong Internet Registration Corporation, the city’s domain registration service provider.
In the drill involving 10,326 employees from 186 companies, police sent five fake phishing emails to each employee that involved online meeting invites, AI chatbot subscriptions, passcode and email verification requests and questionnaires from food delivery platforms. About 16 per cent clicked at least one of the links, while at least one employee at 114 companies, or 61.6 per cent, opened them.
Most fell for the online meeting invites, followed by the AI chat bot subscription and passcode verification requests from IT. Some companies saw more than half of their employees falling for the fake scam.
The worse case saw one participant clicking on all five emails. A similar exercise last year found 34.6 per cent of participants and 78.9 per cent of firms “phished”.