Go to main content
 
LCQ2: Police committed to combating technology crimes 
******************************************************
     Following is a question by the Hon Tony Tse and a written reply by the Secretary for Security, Mr John Lee, in the Legislative Council today (April 25):

Question:

     It has been reported that in recent years, some fraudsters randomly sent messages to different mobile phone numbers, requesting the mobile phone users concerned to forward them, through WhatsApp (an instant messaging application) the verification codes for WhatsApp accounts upon receipt. When mobile phone users were hooked, the fraudsters immediately hijacked, by using the verification codes received, the WhatsApp accounts of the mobile phone numbers concerned, and then sent WhatsApp messages, impersonating the mobile phone users, to the relatives and friends of such users to defraud money from them under various pretexts (e.g. borrowing money and purchasing stored-value cards or virtual point cards on their behalf) (instant message frauds). In the first quarter of this year alone, the Police received 270 reports of this type of frauds, with the total amount of money defrauded standing at $2.6 million. Such figures have already surpassed the corresponding figures for the whole of last year (i.e. 146 reports and $1 million), indicating that this type of frauds are on the rise. In this connection, will the Government inform this Council:

(1) of the respective numbers of reports of the various types of technology crimes received by the Police in each of the past five years; among such reports, the number and percentage of instant message frauds, and the respective numbers of those cases in which the suspects were subsequently prosecuted and convicted;

(2) of the standard procedure adopted by the Police for handling reports on instant message frauds, and the difficulties they encountered when conducting the relevant investigation and evidence collection work; whether the Police will refuse to handle such reports on the ground that the informants have not suffered any monetary loss and whether the Police will provide the informants with assistance, e.g. assisting them in preventing their relatives and friends from falling prey to such frauds; and

(3) whether the Cyber Security and Technology Crime Bureau of the Police will, in the coming three years, take measures to further (i) combat the ever-evolving technology crimes and (ii) heighten public vigilance against the approaches adopted in instant message frauds and other types of technology crimes; if so, of the details?

Reply:

President, 

     My reply to the question raised by the Hon Tony Tse is as follows: 

(1) In recent years, technology crime cases received by the Police involved different types of offences, such as those related to online games, online business frauds and unauthorised access to computer systems. Relevant figures in the past five years are tabulated below: 
 
Case nature 2013 2014 2015 2016 2017
Online game-related 425 426 416 363 311
Online business fraud 1 449 2 375 1 911 1 602 1 996
Unauthorised access to computers 1 986 1 477 1 223 1 107 822
Other nature 1 273 2 500 3 312 2 867 2 438
(i) Miscellaneous Fraud 435 1 436 1 733 1 563 1 542
(ii) Child Pornography 41 38 53 43 29
(iii) Distributed Denial of Service (DDoS) Attacks 3 29 35 6 9
(iv) E-banking 40 17 3 2 0
(v) Naked Chat Not
available
638 1 098 697 305
(vi) Other Blackmail 509 46 71 120 94
(vii) Criminal Intimidation 61 81 87 74 88
(viii) Sexual Exploitation 92 79 96 167 223
(ix) Miscellaneous (Note) 92 136 136 195 148
Total 5 133 6 778 6 862 5 939 5 567
Note: Miscellaneous covers many different types of cases, such as online gambling, forged document, phishing URL, identity theft, etc.
 
     In 2017, 266 cases of unauthorised control over instant messaging applications were recorded, representing about 4.8 per cent of all 5 567 technology crime cases of that year. The Police are undertaking investigation on this type of cases and no arrest has been made for the time being.
 
(2) Compared with traditional crimes, the Police generally encounter greater challenges in investigating technology crimes (including cases involving unauthorised control over instant messaging applications) mainly due to the following reasons:
       
(a) The Police require the co-operation of Internet service and content providers in providing relevant information and records to assist with investigation. If the provider is located outside Hong Kong, does not keep such information or only keeps information for a short while, it will be difficult for the Police to gather evidence and obtain leads for tracking down offenders;
 
(b) Many technology crimes were cross-boundary in nature. In some cases, all of the criminal acts were committed outside Hong Kong with only the victim(s) being in Hong Kong or only the payment to fraudsters being remitted through Hong Kong, thus posing greater difficulties for the Police in investigation, evidence-gathering, law enforcement and exercise of jurisdiction;
 
(c) Some victims, after being scammed or after their computer was hacked, deleted the information in their computer immediately or even reinstalled all the software to prevent the computer from further damage, thus destroying all relevant evidence.
 
     Anyone who controls another person's instant messaging application account through any means without authorisation may commit the offence of "access to computer with criminal or dishonest intent" under section 161 of the Crimes Ordinance (Cap 200) and is liable to a maximum penalty of five years' imprisonment.  Anyone who deceives another person into giving away their properties or buying virtual point cards may commit the offence of "obtaining property by deception" under section 17 or "fraud" under section 16A of the Theft Ordinance (Cap 210) and is liable to a maximum penalty of imprisonment for 10 years and 14 years respectively.
      
     Upon receiving reports related to suspected instant messaging application deception cases, the Police will immediately follow up on and actively investigate them. If members of the public suspect that they have come across a deception case, they should, irrespective of whether an actual loss was involved, keep records of their communication with the fraudsters and report the case to the Police for assistance as soon as possible. They may also call the 24-hour Anti-Scam Helpline 18222 of the Hong Kong Police Force (HKPF) to make enquiries or seek assistance.
      
(3) The HKPF is committed to combating technology crimes, and will coordinate Police resources more effectively to combat such crimes and further raise the public's security awareness. The HKPF has put "combating technology crime" as one of the Commissioner's Operational Priorities since 2012, and has also included the element of "enhancing cyber security" since 2014 to highlight its importance and extend its coverage. 
 
     The Police will continue to enhance its technology, equipment and resources input to cope with cyber attacks and combat technology crimes, including the purchase and upgrade of computer software and hardware to enhance the effectiveness of technology crimes investigation, intelligence analysis, digital forensic and training, as well as the upgrade of cyber security equipment and facilities. 
      
     Regarding intelligence exchange and law enforcement operations, the Police will gather intelligence from different channels and take active law enforcement actions to combat crimes. In addition, the Police are proactively exchanging intelligence and conducting working meetings with Mainland and overseas law enforcement agencies to help officers better understand the latest trends of and investigation techniques for online frauds and strengthen international cooperation. The Cyber Security and Technology Crime Bureau has been exchanging intelligence and practices with Interpol and other law enforcement agencies through the Interpol Global Complex for Innovation in Singapore, joining efforts to combat cross-boundary online frauds.
      
     On publicity and education, the Police will proactively strengthen its co-operation with relevant stakeholders, and will make recommendations on the security measures of mobile applications that are commonly used by Hong Kong citizens. Besides, the Police will regularly produce short videos and anti-crime information, as well as introduce the latest modus operandi of fraudsters to the public through various Internet platforms and discussion fora, and by using the Police's electronic platforms, including YouTube, the Hong Kong Police Mobile Application, the Police website and the Police Facebook page, and the "Fight Scams Together" scam prevention information platform. Furthermore, the Police also disseminate anti-crime messages to the public through Police Magazine and traditional media (i.e. television, radio and newspapers).
      
     Moreover, to reinforce the combat against deception cases and raise the public's anti-deception awareness, the Police's Commercial Crime Bureau established in July 2017 the Anti-Deception Coordination Centre (ADCC), which operates round-the-clock. Its major duties include: monitoring and analysing the trends of deception cases, with a view to formulating and implementing combating strategies; coordinating anti-deception publicity work; setting up a 24-hour hotline "Anti-Scam Helpline 18222" to facilitate public enquiries and provide timely assistance; and expediting the investigation of similar deception cases and minimise the loss of victims. In the nine months since it came into operation, the ADCC has received more than 17 700 telephone enquiries. Officers of ADCC provide anti-deception advice to members of the public making telephone enquiries, and assist those in need in making reports.
 
Ends/Wednesday, April 25, 2018
Issued at HKT 15:42
NNNN
Today's Press Releases