Bank of China Hong Kong and Hang Seng Bank have both issued warnings in recent days about Web-based attacks targeted at bank customers in Greater China.
On August 23, Hang Seng Bank alerted consumers to a fraudulent website using the domain name 'hangsengbank-hk.com'. The site today appears offline today, but the domain name was only first registered on August 20, 2016. That means the window for malfeasance lasted at most three days before Hang Seng Bank issued its warning.
This fraudulent website requested customers to provide details about their Hang Seng Bank accounts. Hang Seng's legitimate domain name and website is found at hangseng.com.
And on August 16, Bank of China Hong Kong warned bank customers of a phishing attack emanating from the domain at 'bochk.orbisfn.net'. The design of this fraudulent website is similar to the official online banking login page of BOCHK, and it intends to steal customers' personal data. BOCHK's true and legitimate website is found instead at bochk.com.
Neither Hang Seng nor Bank of China Hong Kong have reported how many users' accounts have been compromised or affected. But both banks have reported the incidents to local police for investigations.