(Hong Kong, 3 July 2025) As the summer travel season peaks, the Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) urges the public to heighten vigilance against sophisticated phishing attacks targeting travelers. Cyber criminals are capitalising on increased travel demand with deceptive tactics including counterfeit booking platforms and mainland fuel card scams, potentially leading to financial losses and identity theft.
Surge in Fake Travel Platforms with Alarming Authenticity
Phishing remains one of Hong Kong's and the world's most prevalent cyber threats. During peak travel periods, hackers frequently create fake websites and emails impersonating major travel service providers. HKCERT has detected a rise in phishing sites mimicking platforms like Agoda and Trip.com - these near-perfect replicas trick users into surrendering login credentials, credit card numbers, and passport details. Victims often only discover they've been compromised after suffering financial damage.
Emerging Threat: Counterfeit Mainland Fuel Stations Target "Northbound Travel for Hong Kong Vehicles"
Beyond travel scams, HKCERT has received multiple reports of phishing sites impersonating major mainland fuel providers like Sinopec. These fraudulent platforms specifically steal prepaid card information, particularly endangering drivers in the "Northbound Travel for Hong Kong Vehicles" scheme. Affected individuals face not just monetary loss but potential travel disruptions due to inability to refuel.
Evolving Tactics: QR Codes and Urgency-Based Traps
Phishing attacks are not limited to websites alone. Cyber criminals may also use phishing emails, instant messages, and even QR codes to trick travellers into divulging personal or payment information. These attacks are becoming increasingly sophisticated, often using lookalike domain names, fake security certificates, and urgent messages to pressure victims into acting quickly without proper verification.
Security Best Practices
To help travellers safeguard their information and finances, HKCERT recommends the following security best practices:
- Ends -
Share the latest information of HKPC to your inbox
Our Services
Support & Resource
HKPC Spotlights
COPYRIGHT© Hong Kong Productivity Council