If a bank sends your company an email with an attachment, be careful about opening it. The file could be a malware that would lead you or others in finance to websites that looked like banks' actual sites, where you then type in your security code and log-in details, a scam which has already fooled several people in Hong Kong.
The South China Morning Post reports that more than HK$9.6 million held in company bank accounts was targeted in a sophisticated e-mail scam that tricked 13 people into revealing the code generated by personal security devices banks issue for customers to conduct transactions online.
Users only noticed they were being tricked when they received text messages from the actual banks notifying them about the transactions. They called the banks to stop the transactions but not every one was successful.
Although HK$9.66 million was involved, only HK$2.8 million was successfully transferred to overseas accounts, some in Britain, the United States, the Czech Republic and the mainland, police told the Post.
The Monetary Authority said that since January it had received reports from three banks, saying there had been 34 victims, involving HK$3.3 million in losses.