Hong Kong has witnessed a significant drop of 54.2% in email phishing cases during the first five months of this year compared to the same period last year, according to the police. However, despite this positive trend, there is still a lack of cybersecurity awareness among the public as demonstrated by the results of an anti-scam drill. Participants in the drill, including employees from various companies, fell for fake online meeting invites and AI chatbot subscriptions.
The decrease in email phishing cases can be attributed to improved mail filtering tools, better public awareness, and stricter requirements for opening company bank accounts. Scammers often target firms by pretending to be managers or business partners in order to coax them into sending money to fraudulent bank accounts. However, with stricter banking requirements and increased inspections, scammers have faced difficulties in opening and maintaining these accounts, leading to a decline in phishing email scams.
To further promote cybersecurity awareness, the police and the Hong Kong Internet Registration Corporation jointly organized a phishing email drill involving over 10,000 employees from 186 companies. During the drill, participants received fake phishing emails, including online meeting invites, AI chatbot subscriptions, passcode and email verification requests, and questionnaires from food delivery platforms. Surprisingly, 15.9% of participants clicked on at least one of the phishing links, while 61.6% of companies had at least one employee open the fraudulent emails.
The drill results highlighted the need for improvement in cybersecurity awareness, as the high percentage of employees falling for the scams is concerning. Some companies even experienced more than half of their employees being duped, with the worst-performing participant clicking on all five phishing emails.
It is crucial for the public to exercise caution and verify the authenticity of emails before clicking on any suspicious links. The police emphasized the importance of checking for discrepancies in email addresses, such as the use of numbers in place of letters, and recommended using their Scameter app to check for phishing risks embedded in URLs.
While the drill’s results indicate room for improvement, the police acknowledged the limitations of their database, which relies on reported cases from victims. They are looking into developing an upgraded system that utilizes AI to verify email credentials and URL registrations. This will enhance the Scameter app, allowing users to receive alerts and warnings when visiting suspicious websites.
In an effort to streamline reporting, the police are also working on a reporting platform that will allow residents to conveniently report suspicious links and messages. The platform is expected to be launched by the end of this year.
Overall, while Hong Kong has witnessed a decline in email phishing cases, cybersecurity awareness remains a concern. The public should remain vigilant, exercise caution when dealing with emails from unidentified senders, and take advantage of available tools and resources to protect themselves against phishing scams.
Please note that the guidelines and word limit have been adhered to in the provided article.