Fraudsters have tricked a German technology firm’s Hong Kong branch into transferring more than HK$11 million (US$1.4 million) into two bank accounts in one of the city’s biggest email scams so far this year.
The case came to light last month when the director of the Hong Kong branch made a report to police.
An email scammer impersonating a boss from its headquarters in Germany asked the director of the Hong Kong branch in emails sent in March to transfer the money, claiming the head office needed the funds for acquisition purposes.
Do you have questions about the biggest topics and trends from around the world? Get the answers with SCMP Knowledge, our new platform of curated content with explainers, FAQs, analyses and infographics brought to you by our award-winning team.
“Because the fraudster could accurately address the director’s name in the emails, the victim then lowered her guard, followed the instructions and transferred the money into designated bank accounts [controlled by scammers],” police said on their Facebook page.
As instructed, the director transferred HK$11.36 million in total into two local bank accounts through seven transactions between March 7 and 9.
According to police, the victim realised it was a scam when she reported the money transfers to the head office.
Email scammers typically hack into the email systems of the target company or its business partners and spy on their exchanges.
They usually gain access to a company’s sensitive information by embedding a virus inside an email, such as a job application with a resume attached. Opening the document allows the virus to infect a company’s servers, giving crooks access to information about the business, its top executives and clients.
Fraudsters then use the information to impersonate senior managers of the company or its business partners and order money transfers using different excuses.
Last year, Hong Kong police handled 549 reports of commercial email fraud and scammers bagged HK$1.53 billion.
The number of email scams involving businesses increased from 693 in 2017 to 767 in 2020 and the amount involved rose 154 per cent to HK$2.25 billion from HK$883 million.
To combat commercial email fraud, police have targeted holders of bank accounts that were used to collect and launder the proceeds of crime. Account holders could face prosecution for money laundering – an offence that is punishable by up to 14 years in jail and a HK$5 million fine.
More from South China Morning Post:
This article Email scammers cheat Germany-based tech company’s Hong Kong branch out of HK$11.36 million first appeared on South China Morning Post