Skip to content

Media Statements

Media Statement - Privacy Commissioner Calls for Greater VigilanceBeware of Phishing Emails or Messages Issued by Bogus Government Departments or Banks

Date: 12 March 2021

 Privacy Commissioner Calls for Greater Vigilance
Beware of Phishing Emails or Messages Issued by Bogus Government Departments or Banks

The Office of the Privacy Commissioner for Personal Data, Hong Kong (PCPD), noted that there were numerous fraud cases reported recently which involved the use of phishing emails or SMS messages issued from sources pretending to be the Hongkong Post, the Centre for Health Protection, banks or other organisations in order to lure the public into revealing sensitive personal data, including names, phone numbers, bank account login information, credit card information, health and travel records, etc. Some victims had suffered monetary losses as a result.
The Privacy Commissioner for Personal Data, Hong Kong (Privacy Commissioner), Ms Ada CHUNG Lai-ling, said, “Swindlers have employed many different tricks to obtain the personal data of members of the public for gain or deception. I call for greater vigilance when one receives any phishing emails or messages requesting personal data, and members of the public should avoid disclosing any personal data arbitrarily in order to safeguard their personal data and property.”
The Privacy Commissioner reminds members of the public:
On receipt of suspicious emails or SMS messages

  • Authenticate the identity of the sender of the email or message;
  • Avoid opening attachments or clicking links related to unknown sources, and should not disclose any personal data, including online bank account login information, credit card information, etc. to others arbitrarily; and
  • Before providing any personal data online or on social media platforms, find out the identity of the recipient of such information and the reasons for providing the information and understand the implications of disclosing such personal data.

On the use of online personal accounts

  • Monitor the movements of online personal accounts from time to time and watch out for records of unusual activities;
  • Use complex passwords for the accounts, and do not share the passwords with other accounts; and
  • Immediately change the passwords for all relevant accounts if the passwords are suspected to have been compromised.

On the use of electronic equipments

  • Install appropriate anti-virus software;
  • Ensure secure connection to a Wi-Fi network, and avoid using public devices to login online personal accounts; and
  • Do not allow devices to record your login passwords and status.

Keeping abreast of the latest news

  • Pay attention to official announcements from the Government or public organisations to avoid phishing websites or fraudulent calls.

Anyone who suspects that his/her personal data has been leaked may make enquiries or complaints to the PCPD (phone: 2827 2827 or email:
Members of the public should report the matter to the Police or contact Anti-deception Enquiry Hotline 18222 as soon as possible if they discover identity thefts involving the use of their personal data or the commission of criminal offences involving fraud or blackmail, etc.