Email Scam Investigation – Digitpol


Email fraud, scams, phishing attacks in Hong Kong happens in most cases when cyber criminals find ways to hack into the email servers or accounts of small and medium companies, often targeting those with business in Hong Kong, China and Asian countries. Cyber criminals gain access to email accounts and search through email accounts looking for sensitive information such as outstanding, unpaid invoices or data relating to financial transactions and business between supplier, vendor and clients.

When cyber criminals identify a sale or a due invoice, the fraudsters then send various fictitious emails from the hacked email account or an email address replicated to the original purporting to be in charge of the sale or due invoice to be paid, the fraudster is then asking for transfers of funds into a nominated bank account in Hong Kong, usually giving an excuse that there is a problem at the bank and an alternative account needs to be used. It is common that the nominated account is in the same name as the company name or with a very slight change such as an extra letter. It is common the bank account to be in the same city as the victim or client.

Email Fraud Investigation Service in Hong Kong

To file a Police report in Hong Kong, this can only be done in person at the police station or by the E-Crime service. The Police will first need to be satisfied that a crime is actually committed, this is done by the examination of evidence and the evidence of a crime. If sufficient evidence is presented the Police take action. Digitpol can assist with compiling further evidence into a report to assist the investigation.

If your company has been targeted by Internet Fraud, CEO Fraud or Email Fraud and Scams and funds have been transferred to a bank account in Hong Kong, we can help you, but only if you act fast and if you have the proof. The first step is to report the crime to the Hong Kong Police, without this, there is no basis for any legal action.

The Common Trends in Email Scam Cases:

Email fraud

Email fraud provides a lucrative business for cybercriminals and internet con artists. Cyber adversaries use emails to trick victims into disclosing highly sensitive data. Most of the email frauds are financially motivated, which is the reason behind their high rate of prevalence. In a report provided by the FBI, email frauds constituted the most extensive forms of internet crime, where they caused losses amounting to US$1.4 billion in 2017. The same report identified business email compromise and fake investment email scams as the topmost techniques used to execute email fraud attacks.

Types of email fraud


1.       CEO fraud/Business Email Compromise

CEO email frauds purpose to compromise the structural organization in a business. They are frauds where cybercriminals gain access to email accounts of high-ranking executives using tactics such as spear phishing. Actors with unauthorized access to such accounts can pose as the legitimate owners and instruct other employees to carry out various operations such as transfer of vast sums of money to overseas accounts. CEO frauds are common due to their high success rates. Executives typically instruct their subordinates through emails, and CEO fraud provides the best opportunities for conducting attacks without detection.

2.       Online banking scams

The internet has enabled organizations such as banks to provide services to customers through the internet. This has led to increased online banking scams commonly executed using phishing attacks delivered via emails. In such a fraud, an unsuspicious victim receives an email claiming that his bank has some problems which can be resolved through login into their online accounts. However, upon clicking the provided link, which can contain the correct URL address, a user is redirected to another website identical to the official online banking platform. The scammers can obtain all credential entered in the dummy website and use them to transfer money from the victim’s account.

3. Sale contract scam: fraudsters know from stolen emails about transactions between company A (the seller) and company B (the buyer). The fraudsters, pretending to be company A, send fictitious emails to company B, claiming that company A’s bank account has changed and requesting transfer of funds to the new bank account which is usually in the same region as the client, vendor or supplier.

4. CEO scam: pretending to be senior management officers of victim companies, fraudsters send fictitious emails to staff in the finance department, seeking the transfer of funds to overseas business partners or to make business investments on an urgent basis. The finance department staff are requested to transfer funds to a bank account.

The misspelt domain name.

This is where the cyber attacker will own the misspelt domain name, which closely resembles the victim or clients domain, but is usually off by one character.

From: “CEO Name”<></>

In this case, anti-spoofing will not identify these messages. Instead, regular expressions can be applied to the From: line in order to identify the misspellings. Below are two regular expressions for a domain called These expressions are useful not just for these scams, but phishing in general. For efficiency, the regexes assume the first character is never changed, which is a fairly safe assumption because otherwise the domain would not look similar enough. Simply copy the pattern and apply to your own domain(s).

Are you effected by Email Fraud ? 

If email fraud, cyber crime or cyber attack happens to you, you need to respond quickly. Email Fraud in its several formats such as online identity theft, financial fraud, stalking, bullying, hacking, e-mail fraud, email spoofing, invoice fraud, email scams, banking scam, CEO fraud. Cyber fraud can lead to major disruption and financial disasters.

If you suspect that you are, or have been, a victim of banking, email or internet fraud,  the time to act is the most important element. The first approach is of upmost importance, a police report is to be filled at the Hong Kong Police Force, the report needs to be filled instant as the crime is discovered. If the report is filled in time there is a high possibility that the fraudster’s bank account can be seized and the funds frozen.

If you encounter or believe that you have been the victim of online or mobile fraud (i.e. phishing, fraudulent text messages etc.), please send an email to Be sure to attach any supporting documentation such as copies of suspicious emails, text messages and questionable links/URLs.

Digitpol is available 24/7.

Phone HK: +85253360558 / +85239733884 or Europe: +31639220420