HKCERT Advice: Apply Proper Personal Information Protection and Beware Phishing and Related Malicious Attacks

Hong Kong, 18 July 2022) Large-scale data breaches have been happening at high frequency around the world recently. They involve different industries, such as finance, hospitality and information technology. The most serious incident of the year allegedly involved 1 billion personal data. Information security is now part of daily life. The advancement of technology has allowed hackers to expand the scope of attacks for profit with new attack techniques emerging one after another. This makes information security a more concerning issue to Internet users. Hackers can use the information obtained illegally, such as e-mails, phone numbers and passwords, to launch cyber attacks on individuals or businesses, incurring financial and reputational loss.

One example of such attacks is that hackers will try to pretend to be someone the victims know in real life and send spoofed email or instant message, to gain their trust and lure them to click on phishing links. In view of this, as a local information security expert, the Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) of the Hong Kong Productivity Council calls on individuals and enterprises to always pay attention to cyber security and to take steps to secure their data properly.

Below are some simple advice from HKCERT and the Office of the Privacy Commissioner for Personal Data to prevent data leakage:

Do not open suspicious emails or messages to prevent phishing
Never open hyperlinks or download any attachments from unknown emails
Never disclose your personal data including identity card, bank account and credit card information via email or any unknown websites
Never disclose or share your password with others
Never login your online bank account or any sensitive online accounts through public Wi-Fi
Handle transactions of e-wallet from email with due care. Never sign or confirm without verification
When using any online services, change your password regularly and enable multi-factor authentication
Download operating system or application from official sources and keep them up to date
More information:

HKCERT Data Protection Guidelines:
Privacy Commissioner Calls for Greater Vigilance. Beware of Phishing Emails or Messages Issued by Bogus Government Departments or Banks:

For information security related incidents, for example, ransomware, phishing, denial of service attack, etc., please report to HKCERT through its online Incident Report Form at For other enquiries, please contact HKCERT by email: or call its 24-hour hotline: 8105 6060.

Comments are closed.