Legal update: Identity theft in Hong Kong: what it is and how to avoid it139月2017
This article was originally published in Around DB Magazine as “Online Offences”.
While the US remains the hub of cybercrime, China is a clear second, and identity theft is a very real issue in Hong Kong. Sam Agars looks into some of the most common scams and how best to avoid them.
In an age where just about everything – including money – is easily accessible online, most people are extra cautious about how they handle their finances. But it’s amazing how many of us don’t really understand exactly what risks we are facing in a world where the internet holds so much of our most important information.
Identity theft is a growing problem across the globe, with the ease of online access seeing it transcend borders. While there are measures one can take to recover lost funds in a case of identity theft, there are also a number of things worth doing to ensure you minimise the risk of finding yourself a victim in the first place.
Know your enemy
According to Hong Kong law firm Tanner De Witt, your online identity includes your social profile, credit card information and overall digital footprint. The many ways these can be exploited include mobile phone hacking, email hacking and romance scams, where people lure singles to compromised websites. Typical cybercrimes also take place following disasters or political upheaval, with cybercriminals posing as charities to extract money and credit card details.
It is also possible for people to have their identity stolen simply by hackers scanning their credit card details or banking passwords.
In Asia, work-from-home scams are the most common form of identity theft. Oftentimes, these involve criminals convincing victims to invest money into a fake business, using the attraction of working from home as their hook. Jeff Lane, a partner in fraud and asset tracing at Tanner De Witt, says that identity theft in Hong Kong has reached significant levels.
“In 2016 we were instructed in more than 60 new cases of fraud, of which around two-thirds concerned CEO fraud [where hackers imitate executives in order to have ‘employees’ perform certain tasks] or identity theft fraud,” Jeff says. “If our own figures as a medium-size independent law firm are extrapolated across all firms in Hong Kong, it is clear that identity theft fraud in Hong Kong is being operated on a very significant scale.”
The growth of identity theft is linked directly to the increased capabilities of the internet and, in turn, the population’s increased reliance on it.
“The use of the internet as a means of conducting trade has exploded in the last decade,” Jeff says. “In the same period the numbers and capabilities of hackers have grown at a similar pace. The increased volume of internet trade means that there are more users online and, with increased numbers of hackers, it is almost inevitable that there has been a corresponding increase in internet/ identity theft fraud.”
While it is possible to go about your business on the internet without a care in the world, in the perceived knowledge the services you are using have the necessary protection, it is important to have protection of your own.
According to Jeff, a few simple steps will leave you far better off, without too much effort. “Install the best firewalls and anti-cyber theft software that you can afford,” he says. “Protect your computers with individual rather than shared passwords, and ensure that all sensitive information relating to your business [accounts, banking details and financial records of bills] are properly and securely stored.
“Have a system of multiple signatories for higher value payments,” Jeff adds. “Educate friends, family and employees of the importance of remaining vigilant at all times when using email, and not to open any mail that looks suspicious. If in doubt, contact your IT staff before opening unsolicited emails.”
Despite your best efforts and the fact that a lot of what Jeff recommends would come as common sense to most internet users, scams are becoming more complex and it is not always obvious you are being hacked. With cybercrime so rife in society, the reality is that just about everyone is at some sort of risk of having their identity stolen.
According to Jeff, the best thing you can do if you think you are a victim is act immediately. “The victim should first alert the police and their bank to try to stop or recall the payments,” he says. “Keep full records of all correspondence and payments made. If the payment cannot be recalled, seek immediate legal advice as several remedies are available for the victim [both civil and criminal], but they must be undertaken quickly.”
If notified quickly, the police can trace your funds to the bank account they have been transferred to and temporarily freeze them. While this is happening, an application is made to the court to permanently freeze the funds.
There are a number of court orders in existence designed to help the victim and, while legal proceedings can be drawn out and recovering lost funds is not a quick process, Jeff says there is often a good chance of success for those who have acted swiftly. By moving quickly, you increase the chance of freezing the account your funds have been transferred to before they are transferred again, in turn greatly increasing your chance of success.
“Recovery of funds can take several months but is often successful if actioned promptly,” Jeff says.
So while avoiding identity theft is obviously the top priority, not all is lost if you do realise you have been compromised, as long as you are ready to act the minute you discover something isn’t right.
If you think you have been the victim of fraud, please contact:
Disclaimer: This publication is general in nature and is not intended to constitute legal advice. You should seek professional advice before taking any action in relation to the matters dealt with in this publication.