First published: 25th July 2014
The Hong Kong Monetary Authority (HKMA) has issued an alert about a webpage "http://www.fransongoh.com/wp-includes/images/smilies/smilies/hg/". The webpage purported to be the official website of Hang Seng Bank, Limited (HSB).
The site www.fransongoh.com is apparently the personal website of Franson Goh, Managing Director of Rose Stone Solution that specialises in foreign worker recruitment and consultant services in Malaysia. The pathname of the fraudulent page suggests that a WordPress vulnerability was used to upload the page. The fraudulent page and the entire website was unavailable at the time of writing.
Anyone who used the fake webpage, entering personal information or conducting financial transactions, should contact HSB at 2822 0203 and any local Police Station or the Commercial Crime Bureau of the Hong Kong Police Force at 2860 5012.
Yui Kee Chief Consultant Allan Dyer commented, "People should not think that their personal website is of no interest to criminals. Any location on the web can be used to publish fraudulent webpages. Keep your site secure.