More Information
- Hong Kong lawmaker Regina Ip falls victim to HK$500,000 cybertheft
- Regina Ip loses US$65,000 in e-mail scam
First published: 06th February 2015
Legislative Council Member and former Secretary for Security Regina Ip has, perhaps unintentionally, boosted awareness of online security by revealing that about HK$500,000 was stolen from her bank account following an email break-in. She received an email apparently from her friend, MTR Corporation chairman Dr Raymond Chien, saying, 'Regina, I need help. Urgent. Please open the attachment', but Chien contacted her hours later, saying that his email had been hijacked and advising her to change her password. Being busy, she forgot and only found out on Tuesday, 4th February that US$65,000 had been withdrawn from her Swiss bank account when bank staff informed her. Ms Ip believes the criminals found an instruction she once made to the bank to transfer a sum in US dollars to an account in the United States, and they then forged a letter to the bank for the transfer.
The Police have categorised the case as obtaining property by deception, and advised the public to avoid downloading documents from unknown sources, change passwords regularly and avoid using the same password for multiple accounts. While the Police advice covers some of the biggest risks, it is unclear if it would have prevented this incident. Ms Ip believed she knew the source of the document: Dr Chien, while it was, in fact, Dr Chien's hijacked email account.
Ms Ip is to be praising for sacrificing her own reputation to bring public attention to the potential consequences of momentary inattention and misjudgement when using information technology. Dr. Chien has not publicly commented on his mistake. As Secretary for Security, Ms Ip was the member of the Hong Kong Government in charge of the Security Bureau, which is responsible for public safety, security, and immigration matters. Surely, during that time, she was comprehensively briefed on cybercrime and common tricks used by criminals in scams.
What can we learn from this crime?