• Protect your Personal Digital Keys; Beware of Fraudulent Links!
• Keep your details safe
• Be cautious when providing information to others
• Beware of scam emails or phishing websites
• Check your bank statements carefully
• Strengthen the security of your mailbox
• Beware of bogus messages

Protect your Personal Digital Keys; Beware of Fraudulent Links!

Internet banking login credentials, including usernames, login passwords and one-time passwords (OTPs), are as important in the digital world as the keys to their houses are in the physical one, and should be properly safeguarded.

In accordance with the HKMA’s supervisory requirements, the bank will not send SMS or email messages with embedded hyperlinks directing customers to their websites or mobile applications to carry out transactions. Nor will the bank ask customers to provide sensitive personal information, including login passwords and OTPs, via hyperlinks.

If you receive SMS or email messages with embedded hyperlinks requesting you to input internet banking login credentials, these messages should not originate from the bank. You should think twice before clicking any hyperlinks purportedly sent by the bank, and contact the bank immediately if you have any concerns.

Regarding HKMA’s “Protect your Personal Digital Keys; Beware of Fraudulent Links!” information, please click.

Fraud crime is growing and everybody should be aware of it. To protect yourself from being the next victim of fraudulent events, we hope the following tips may help you.  

Keep your details safe

Safeguard your personal information and belongings, including ATM cards, credit cards, cheque books, identity documents, passwords, etc. This will protect you from identity theft, online fraud, card fraud, and more.

Be cautious when providing information to others

Whenever someone request for your personal information, either through phone calls, SMS texts or emails, be cautious and do not respond to these kinds of communications until you have ascertained they are genuine. 

Beware of scam emails or phishing websites

Fraudsters may send out scam emails, which may contain attachments or hyperlinks. Do not open them if you are in doubt, as this is a common trick used by fraudsters to install trojans or spyware to intrude your computer for personal information.  

Check your bank statements carefully

You should check your bank statements carefully, if you spot any transactions you do not recognised, contact us immediately.  

Strengthen the security of your mailbox

Recommend to strengthen the security of the mailbox. This can prevent fraudsters from stealing your letters containing personal information, such as bank statements, credit cards, or tax assessment notice. If you have not received the scheduled letters in time, please contact the relevant organizations immediately.

Beware of bogus messages

To help members of the public verify the identities SMS sender, and prevent fraudsters from sending scam SMS messages masquerading as banks ,effective from 28 January 2024, the Bank will use the following ‘Registered SMS Sender IDs’ with the prefix ‘#’ to send SMS messages to local subscribers of mobile services:

#BANKCOMM
#BOCOM
#BOCOMHK

Please note that the Scheme is not applicable to local subscribers of Single-Card-Multiple-Numbers / One-Card-Two-Numbers mobile service provided by non-Hong Kong operators.

You should stay vigilant to bogus communications or messages of various means or channels, such as phone calls, SMS messages, Whatsapp messages, emails, social media posts or letters, purported to be from banks.
You can get more details by reading relevant materials on the HKMA website (please click here) and the relevant video (please click here).