Scammers steal real social media followers to make fake Hong Kong business page

[ad_1]

Scammers have hijacked social media pages with legitimate followers and cloned them to look like Hong Kong travel agency EGL Tours in a bid to fool the public into handing over cash for cheap deals, the firm has said.

The firm on Tuesday said it was alerted to the tactic after an overseas religious centre contacted the company to complain that EGL Tours had hijacked its Facebook page.

“Last week, a Buddhist education centre in Myanmar actually reached out to us, and was very angry that we had taken over its account,” James Lam Ming-miu, the general manager of foreign independent travel and wholesale at EGL said.

“That’s when we realised these scammers were no longer just buying followers to make their pages more believable.

“They have started hacking existing profiles for their followers. We had to explain to them we were victims of these scammers too.”

Hong Kong’s EGL Tours travel agency criticised Facebook for being too slow to award its “blue tick” authentication symbol. Photo: AP

Lam was speaking after a surge in bogus social media accounts that posed as Hong Kong travel agencies with fake travel offers to tempt the unwary sparked a complaint from the Travel Industry Council to police – and an industry warning to the public to take care.

EGL Tours said up to 108 Facebook pages designed to mimic the agency’s social media account had been detected and that it had logged more than 20,000 customer inquiries related to scams over the past four months.

The company said it knew of 60 people who had been tricked into handing over cash to fraudsters, with the biggest amount lost being HK$36,000 (US$4,617) for what was said to be two round-trip business class air tickets to Manchester in the UK.

The executives also criticised Facebook for being slow to give the company’s official page its “blue-tick” verification.

The company said the safety measure was only granted after it contacted Meta, Facebook’s parent company, four times, sent an email to founder Mark Zuckerberg and dispatched a legal letter to the social media giant.

Hongkongers scammed out of HK$705 million in 9 months amid fresh alerts by telcos

Steve Huen Kwok-chuen, EGL Tours executive director, appealed to Meta to “seriously handle the severe problem of fake or impersonated Facebook pages, as well as lay out clear guidelines on getting pages verified on its platform”.

Alex Chan Chung-man, of cybercrime tracker the Hong Kong Computer Emergency Response Team Coordination Centre, earlier said that the number of phishing scam reports in the first 10 months of 2023 had jumped by more than 20 per cent year on year and accounted for half of cases logged.

Chan told a radio show that the centre had handled about 6,300 internet safety reports so far this year, including about 3,000 phishing scams.

He said that phishing fraud methods were low-cost and highly efficient and had become the main tactic used by scammers in recent years.

“They will use new technologies like planting malicious links in QR codes, which lead to phishing websites,” he explained.

Hong Kong accountant loses HK$700,000 in phishing scam, joining 1,408 others

“Hackers take over WhatsApp accounts and collect the contents of the conversations and photos of the victims,” Chan said.

“They then use artificial intelligence to create fake videos asking their friends for money. When their friends see these videos, they would trust the fraudsters.”

Chung warned the public not to post personal information, such as photos or videos that showed their faces and voice as hackers can hijack them to create convincing fakes.

He said the police had received at least 71 fraud reports last week about phishing messages that appeared to be from electronic payment company Octopus, which had led to people losing more than HK$210,000.

Octopus last week warned users to be on the alert for phishing messages with links to unauthorised websites or mobile apps which asked people to provide mobile phone numbers, verification codes and other personal information.

[ad_2]

Source link