Advertisement
Advertisement
Scams and swindles
Get more with myNEWS
A personalised news feed of stories that matter to you
Learn more
Smartphone users would not be aware that hackers had taken control of their device. Photo: AP

Hong Kong police step up cybersecurity campaign as hackers steal HK$147 million – a 16-fold rise – from victims in year

  • Police recorded 47 hacking cases last year compared with 37 incidents and HK$9.1 million lost in 2017
  • Hacked devices included mobile phones, tablets and computers

Hong Kong police have teamed up with five cybersecurity companies to offer free tools for smart device users to scan for and remove viruses as hackers stole HK$147 million (US$18.8 million), a 16-fold increase, from victims last year.

The cybersecurity campaign, which first started in 2017, has been stepped up amid a rise in incidents. Police recorded 47 hacking cases last year compared with 37 incidents and HK$9.1 million lost in 2017. Hacked devices included mobile phones, tablets and computers.

There were six cases in the first two months this year, resulting in losses of HK$200,000 in total.

Chief Inspector Rachel Hui Yee-wai from the force’s Cyber Security and Technology Crime Bureau said applications downloaded from official app stores might also carry viruses which allowed hackers to control a device remotely.

Culprits could then open a browser on the device and draw the user to a phishing website, deceiving the victim into entering personal information such as bank account password or credit card verification number, Hui added.

Superintendent Alice Tsang advised users not to install applications from untrustworthy sources. Photo: Nora Tam

“Overseas cases showed that some hackers also pretended to be bank employees asking a victim to download a remote control app,” Hui said. “They then lured their victim to hand over ID and authorisation to take control of the device or observe on-screen movements. It meant the hackers could get every piece of information the victim entered including, for example, on an e-banking app.”

Hackers could also get access to users’ personal data, including contacts and messages, for illegal use.

Online shopping scams up nearly 35 per cent, say Hong Kong police

The largest single case last year involved a bank in Chile which lost HK$85 million after its server was hacked, resulting in nine unauthorised transactions to four different Hong Kong bank accounts.

The bureau first launched the campaign in June 2017 and provided antivirus tools to computer users on its website. It said people had used the tools to remove more than 734,000 items of malware on their computers – around 33,000 per month on average.

The bureau then extended the campaign to smart devices last August amid looming hacking threats, with three security firms involved. Around 390,000 malicious apps have been removed.

Hong Kong police have run a cybersecurity campaign for close to two years. Photo: Handout

Kenneth Lo Wai-kwong, a senior manager of a cybersecurity company, warned of a form of hacking that used fake battery saver apps to target victims’ e-wallets, such as PayPal, and bank accounts.

“Hackers adopt an ‘overlay’ technique and control a smart device but the victim is unaware. They can bypass two-factor authentication and transfer money out of the victim’s account in less than five seconds,” Lo warned.

Phone scammers cheat mainland student in city of more than HK$3 million

Superintendent Alice Tsang Nga-sze advised users not to install applications from untrustworthy sources, or click on suspicious hyperlinks and dubious emails. She also urged users to seek help from IT professionals if their devices appeared to have unusually fast battery consumption, became heated, or displayed unknown applications or transactions, as these might be signs of hacking activity.

“Prevention is always better than cure,” Tsang said.

Post