The world is digitalizing swiftly, and so are cybersecurity attacks. The rising demand for artificial intelligence, social media, and e-commerce platforms has made life more convenient but has also opened new back doors for cyber criminals. In Hong Kong SAR of China, a vibrant and booming economy embracing technological advancement, cybersecurity attacks are becoming increasingly common. In the first half of 2024, the Office of the Privacy Commissioner for Personal Data (PCPD) received nearly 600 inquiries regarding fraudulent activities targeting personal data, representing a significant 90% increase compared to the same period last year 2023. Many of these scams involve phishing attacks and aim to swindle Hong Kong citizens out of money and personal information. This report explores the various types of scams and provides six essential tips to prevent fraud and protect yourself against cyber security attacks.

Types of Fraud Scams in Hong Kong

1. Instant Messaging Applications Scams

• Account Hijacking: Cyber criminals gain access to instant messaging accounts, impersonating victims to deceive contacts into sharing personal information or sending money.
• Impersonation of Authorities: Scammers pose as government officials or public bodies to send fake messages designed to extract personal data or financial information.

2. Scams on Social Media Platforms

• Fake Travel Agencies: Fraudsters create counterfeit pages on social media, posing as travel agencies to sell bogus travel packages, including hotels, dining, and flights.
• False Advertisements: Scams involve deceptive ads on social media, tricking users into sharing personal data or participating in fraudulent investment schemes.

3. Scam Videos Using Artificial Intelligence (AI) Technology

• Deepfake Manipulation: Scammers use AI deepfake technology to create videos featuring manipulated footage of public figures or celebrities, convincing victims to invest in non-existent schemes.
• Biometric Data Exploitation: Fraudsters obtain biometric data, such as facial images and voices, to produce deepfake videos impersonating friends or family to extract money or personal data.

4. Phone Calls Scams

• Fake Customer Service Calls: Scammers pretend to be customer service representatives from reputable organizations, tricking victims into providing personal information or transferring money.

Six Tips to Prevent Fraud

To secure your personal data privacy and protect against fraud, the PCPD offers the following tips to prevent fraud:

1. Be Watchful:
   • Verify the purpose of any data collection and avoid sharing personal data arbitrarily. Be cautious with suspicious links, QR codes, and websites.
2. Monitor Accounts and Transactions:
   • Regularly check online banking accounts for unusual activity, unauthorized transfers, or transactions to catch fraud early.
3. Password Protection:
   • Frequently change online banking passwords and enable two-factor authentication (2FA) and multi-factor authentication (MFA) when available. Never share passwords with others.
4. Smart Use of Social Media and Messaging Apps
   • Limit the sharing of biometric data like photos and videos on social media. Review and update security and privacy settings regularly.
5. Authenticate Callers’ Identities
   • Verify the identity of callers, even if they make video calls or have personal information. Use alternate contact methods to confirm their authenticity.
6. Stay Informed on Fraud Prevention
   • Keep updated on fraud prevention tips from the PCPD, police, or relevant organizations. Share this information with others, especially elders and youth, to enhance awareness.

Growing Threat of AI Deepfake Technology

To illustrate the ease of creating fake videos in the AI era, the Privacy Commissioner for Personal Data, Ms. Ada CHUNG Lai-ling, demonstrated instant face-swapping through AI deepfake technology in a short video, watch the video at: https://youtu.be/76x0aOzLHVo. This demonstration underscores the potential dangers of deepfake technology in the hands of fraudsters.

Additional Online Fraud Prevention Tips

Beyond the six essential tips, consider the following actions to further protect yourself and your organization:

• Avoid Insecure Information Sharing: Be cautious with sharing sensitive information, especially on unsecured platforms.
• Monitor Transactions: Keep a close watch on financial transactions to catch any fraudulent activity early.
• Implement Employee Training: Educate employees on recognizing and avoiding fraud, both online and offline.
• Conduct Surprise Audits: Regular audits can help identify potential vulnerabilities and deter fraudulent activities.
• Use Two-Factor Authentication: Enhance security by requiring a second form of verification for account access.
• Install Computer Security Measures: Keep systems updated with the latest security patches and antivirus software.
• Practice Safe Internet Use: Be mindful of the websites you visit and the information you share online.

By staying informed and adopting proactive measures, individuals and organizations can significantly reduce the risk of falling victim to fraud in today’s digital landscape. Protecting personal data is crucial for maintaining trust and online security in an increasingly connected world. It’s very important for every single person to adhere by cyber security measures to stay ahead of network & cyber security risks.

If you suspect your personal data has been leaked, you can quickly contact us for immediate action. Moreover, use resources like “Scameter” (www.cyberdefender.hk) to check suspicious phone numbers, email addresses, and websites. Talk with our top rated cyber experts to gain knowledge and learn how you can secure your critical infrastructures. Book a free 1:1 consultation.

Did you find this article useful? Support us on LinkedIn and Facebook.