+ (852) 5110 3944


+ (852) 2804 0889



Phishing email - HKWJ Tax Law

Phishing Emails & Hackings Protection

There have been a recent increase in the number of fraudulent emails also called phishing emails. A fraudulent email is a method used by the hackers/fraudsters to lure you into providing your personal information/account data and transferring monies into a fraudulent account.

The on of the most common types of frauds are fraudulent email schemes. It can be as simple as a spam or phishing email to more technical scheme such as spoofing and anything in between such as CEO fraud and business email compromise. Many more advance fraud schemes also use fraudulent emails so learning to recognise these will prove to be critical to protect your business and yourself.

How to Recognise a Fraudulent Email ?

In general, a fraudulent email can be indicated by one and/or more of the following:

  1. Requesting sensitive information via email
  2. Using generic salutations instead of addressing by your name
  3. Phishing email domain/third party domain
  4. Forcing you to visit a website
  5. Attaching unsolicited attachments

A more sophisticated fraudulent email scheme is where the fraudsters will use a combination of schemes to make it less obvious to be spot out. For example, a fraudster will use the spoofing scheme to obtain sensitive information/data he/she wants from a targeted company, once the fraudster has obtained enough information, the fraudster will then use those information obtained to trick the victim in believing he/she is dealing with the real company.

Phishing Scam Case Study

One of our clients, a European based customer, which has been dealing with and ordering products from its Mainland Chinese supplier for many years. Sometimes the payments for these products are paid into a Mainland China bank account although from time to time also a Hong Kong bank account is used. Further, the usual contact person in Mainland China for the European customer is Alex Cheng and his email address through which communications and orders take place is alex.cheng@trade-emissions.com.

On August 7th, the European customer makes a new order with the Mainland Chinese supplier and is told by Alex Cheng through his email account alex.cheng@trade-emissions.com to transfer USD 50,000 into its Mainland China bank account as a 30% down-payment.

One hour later, however, the European customer receives a new email from Alex Cheng stating this time that due to a changed management decision the USD 50,000 should be paid into the Hong Kong bank account of the Mainland Chinese supplier instead. The latter email is sent by Alex Cheng from his email account alex.cheng@trade-emisions.com but it also provides that the usual bank account number and name has slightly changed. The European customer subsequently makes the transfer to this adjusted Hong Kong bank account.

The following day on August 8th, the European customer calls Alex Cheng informing him on the payment into the Hong Kong bank account. It is not until this time, that both the European customer and the Mainland Chinese supplier realise they have been subject to an e-mail scam as the ‘real’ Alex Cheng never requested the payment to be made into a Hong Kong bank account: the request came from a ‘fake’ email address whereby ‘emissions’ was spelled with one ‘s’ instead of the usual double ‘s’ in the middle.

The most convincing reason for this to have had happened, it is articulated that the fraudster has used spoofing scheme to ‘hack’ the Mainland Chinese supplier’s network and to obtain confidential and sensitive information/data about the European customer and the transactions that they are involved. After obtaining enough information, the ‘fake’ Alex Cheng sent a fraudulent email to the European customer asking the European customer to transfer the monies into a Hong Kong bank account.

What To Do if You Were Scammed?

Obviously, parties could blame each other for either not checking the proper account details or for allowing hackers to break into one’s email system and producing fraudulent emails. However, assuming that both parties have built up a solid relationship between each other for quite some time and also like to continue doing business together, the best solution would be a joint effort to combat this fraud by deceit.

Therefore, the general steps to take after an email hacking or phishing scam are the following:

  • The European customer informs its own bank on the scamming and subsequently request its bank to hold the payment transfer. At the same time, the bank should instruct the overseas bank to withhold the funds in case the said payment is transferred to the scammer’s bank account. Further, a police report in the country of the European customer should be filed;
  • More importantly, a police report should also be filed in Hong Kong. As the Mainland Chinese supplier is closer to Hong Kong than the European customer this reporting might be carried out by the Mainland Chinese supplier;
  • Obviously, it is important to follow up on the above-mentioned actions as soon as possible, preferably within two days, as the Hong Kong police would then still be able to instruct the scammer’s bank to freeze temporarily the movement of the said USD 50,000 as otherwise this amount is likely to have been transferred out already by the scammer;
  • Nevertheless, and assuming the scammer’s bank account has been frozen ‘just’ on time, as such measurement is taken on an interim basis, the European customer is still required to seek an ex parte injunction by way of civil proceedings;
  • This ex parte injunction would normally be a so-called Mareva injunction, which restrains the scammer from removing or in any way disposing of or dealing with or diminishing the value of his assets in Hong Kong up to the value of the claim, in this case USD 50,000. As such injunction has far going consequences, one would also need to consider the balance of inconveniences to both the European customer and the scammer;
  • If during the Mareva injunction hearing the scammer does not show up, an interim judgment is issued, which usually becomes a default judgment after 3 weeks. Once it becomes such default judgment, the scammer’s bank has to be confronted with this judgment by means of a so-called Garnishee Order. The latter order usually takes 3 weeks as well.

In order for the European customer to retrieve his monies back, he needs to act swiftly and work in a team together with his Mainland Chinese supplier. In addition, the relevant judicial procedures need to be carried out, but once all successfully executed, the European customer should be able to retrieve his monies back in about 8 weeks’ time (minus costs involved).

    Ready to Get Started?