Scams and Frauds

Staying Safe

 1. Identity theft

Fraudulent Websites

Fraudulent copycat websites are a type of Internet fraud where the fraudsters imitate the websites of reputable or well-known financial institutions when in fact the websites are not authorized or related to the relevant financial institutions in any way. The operators of the copycat websites may claim to be providing investment/banking services. Investors who are taken in will be tempted to part with their money and/or disclose personal information such as pins which the fraudsters may use to swindle investors.

What are the common features of fraudulent copycat websites?

• A fraudulent copycat website usually adopts a website name as address which is very similar to or contains part of the name of a legitimate financial institution, its subsidiaries or associates.

• Fraudsters may copy legitimate websites and build their own with similar URL's to disseminate false information, or to induce unwary investors to transfer funds into their bank accounts or submit personal information.

• Sometimes, fraudsters may also transliterate the name of a legitimate website into a language used by the investors, such as Chinese, as its domain name. Investors may then be led to the fraudulent website when they type in the transliterated name using Internet search engines.

• The fraudulent websites may contain links to the websites of other reputable financial institutions which are not authorized and where there are no affiliations between the fraudsters and the legitimate financial institutions.

• The websites may contain contact details for the public to verify the authenticity of the organizations which are however answered by the fraudsters themselves.

• In general, operators of fraudulent copycat websites will try to create a false impression that their websites represent those of legitimate financial institutions or that they are somehow related or affiliated to the financial institutions so as to swindle investors.

What are "phishing" scams?

• Recently, there is a new tactic called "phishing". Similar to fraudulent copycats, phishing scams use emails to entice recipients to disclose their personal financial data such as credit card/bank account numbers, account user names and passwords/Personal Identification Number (PINs).
  
   
• Similar to fraudulent copycat websites, scamsters usually imitate reputable financial institution such as banks and request the recipients to confirm their personal data due to, for example, system re-installation, etc. As it is difficult to determine the legitimacy of the email and verify the identity of the sender, recipients may unwarily disclose their personal data and facilitate the fraudulent acts.

• Quite often, recipients are asked to click on a link attached to the email to provide the requested information. Yet, the pop-up web pages are fake. Some phishers may even cover the actual URL of their fake webpage by an image displaying another URL which imitates the legitimate one.

How to avoid becoming a victim?

• Verify the website address and the legitimacy of a website with the financial institution concerned directly.

• Avoid using the contact details provided on the website. Find out the contact details from an independent source as scam operators may publish telephone numbers or email contacts on the website which are answered by the fraudsters themselves.

• One way to check the actual URL of a webpage is looking up the “properties” section by right clicking your mouse on the webpage. Then you can verify if this is different from the URL shown on the address bar. Besides, the login page of a legitimate website usually has a security icon (in form of a “lock”) at the right bottom.

Check with the relevant regulators whether the financial institution is properly accredited. You may check the license status of brokerages from the Public Register of Licensed Persons and Registered Institutions of the SFC's website. The Public Register contains the names and addresses of all SFC's licensed brokerages and, where available, their website addresses. In case you have any doubts, contact the brokerage or the SFC for verification.

• Do not submit any personal information or send money to anyone before verifying the legitimacy of the website.
  
   
• Think twice before responding to emails from an unknown third party.
  
   
• Be careful of any email with urgent requests for personal financial information.
  
   
• Check your bank account and credit card statements regularly to ensure that all transactions are authorized and legitimate.
  
   
• Report any suspicious websites and emails to the relevant regulators and the Police.
   
• You may also refer to the Press Releases published by the Hong Kong Monetary Authority regarding some suspicious fraudulent websites.

Besides, you may read another section, “Fake Scam Websites”, to know the common features of scam websites and investor tips. There is also an example of a typical scam website in that section.

Want WebTradeBureau.com to Review Your Site or Program?

Just E-Mail Us all the information about your program and links to the content you promote!
(After submitting your site, our team will review it at our earliest convenience. We make no guarantees that your site will be listed on WebTradeBureau.com  after being reviewed.)