Skip to content

Media Statements

Media Statement

Date: 13 September 2022

Privacy Commissioner’s Office Sets up Fraud Prevention Hotline 3423 6611
Public Urged to Guard Against Personal Data Fraud

The Office of the Privacy Commissioner for Personal Data (PCPD) noted that numerous fraud cases in various forms were reported recently, involving the use of phishing calls, emails or SMS messages by swindlers who impersonated officers of different organisations, such as the Department of Health, the Social Welfare Department, the Consumer Council, banks, etc., with a view to obtaining sensitive personal data from the public. The personal data included the victims’ names, phone numbers, Hong Kong Identity (HKID) card numbers, bank account numbers and passwords, credit card information, health records, etc., the disclosure of which caused monetary losses to the victims or their friends or relatives.
 
From January to August 2022, the PCPD received 386 enquiries and 17 complaints in relation to the use of personal data for fraudulent purposes, examples of which include:-
 
  • Impersonating an officer of the Centre for Health Protection: The fraudster claimed that the victim had been infected with COVID-19, or had become a close contact owing to contacts with a confirmed patient and had to be quarantined, thereby seeking to obtain the victim’s personal data.
  • Impersonating a law enforcement officer of the Mainland: The fraudster was able to provide the name and HKID card number of the victim. The fruadster claimed that the victim had smuggled vaccines or was involved in money laundering. The call was then transferred to another fraudster impersonating another law enforcement officer in order to obtain the personal data of the victim.
  • Impersonating an employee of a courier company: The fraudster provided a link similar to that of the courier company’s website, asking the victim to provide his or her address for mail delivery and pay for the postage. The fraudster then sought to obtain personal data such as the victim’s credit card number and name.
 
The Privacy Commissioner for Personal Data (Privacy Commissioner), Ms Ada CHUNG Lai-ling, said, “Swindlers may employ many different tricks with the aim of obtaining the personal data of members of the public for gain or perpetration of fraud. I call for greater vigilance when one receives any phishing calls, emails or SMS messages requesting personal data. Members of the public should think twice and avoid disclosing any personal data arbitrarily, and should consider contacting relevant departments or organisations to verify the authenticity of the calls in order to safeguard their personal data and property.”
 
In view of the recent increase in the number of fraud cases involving phishing calls, emails or SMS messages, the PCPD has set up a “Personal Data Fraud Prevention Hotline” 3423 6611 today to handle enquiries or complaints from members of the public in relation to suspected data fraud cases. In cases of identity thefts involving the commission of criminal offences, members of the public should also report the case to the Police.
 
In addition, the Privacy Commissioner offers eight tips to safeguard personal data:
 
On Receipt of Suspicious Calls, Emails or SMS Messages
  1. Calls with “+852”: Beware of caller numbers with a “+” sign as a prefix displayed on mobile phones, which indicates that the calls originate from a place outside Hong Kong. If an unfamiliar call with the prefix “+852” is received, the caller should have masqueraded as a local caller;
  2. Verify authenticity: Even if a stranger possesses your personal data, such as your full name, HKID card number or date of birth, be wary of the true identity of the stranger. Contact the relevant organisations to verify the authenticity of the caller;
  3. Be vigilant: Do not disclose any personal data, including HKID card number, bank account number and password, and credit card information etc., to others arbitrarily; and
  4. Be careful with links: Avoid opening attachments or clicking links in suspicious emails or SMS messages.
 
Use of Online Personal Accounts
  1. Keep an eye on your accounts: Monitor transactions in online personal accounts from time to time and watch out for any unusual log-in records of the accounts and personal emails; and
  2. Password protection: Change the passwords of online personal accounts from time to time and activate the two-factor authentication feature (if any).
 
Keeping Abreast of the Latest News
  1. Fraud prevention information: Pay attention to fraud prevention messages by the Police or relevant organisations to avoid phishing websites or fraudulent calls; and
  2. Reminding friends and relatives: Share information relating to fraudulent cases with friends and relatives (especially the elderlies and youngsters) to enhance their awareness to guard against fraud.
 The PCPD has set up a “Personal Data Fraud Prevention Hotline” 3423 6611 to handle enquiries or complaints in relation to suspected data fraud cases.

-End-