The perpetrators had acquired access to some of the e-banking accounts by guessing PINs. But the money could not be transferred out to unregistered accounts because two-factor authentication was required.
The authority said it was difficult to figure out whether the trades were profitable, and what the losses were in these cases, if any.
The suspicious trades were detected by one of the banks because trades made by different e-banking accounts were conducted from a single IP address. HSBC and Bank of China (Hong Kong) have called the police, and customers whose accounts were involved have been contacted.
HSBC said it had detected suspicious transactions in some personal customers’ internet banking activity in regular monitoring for fraudulent activity. All five cases are being investigated by the Cyber Security and Technology Crime Bureau.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now